Not that I’m creative enough to come up with this, the guilty parties behind the werds are shrdlu and danphilpott.

• Exhaustive Security Testing is Bad For You
• More Security Controls You Won’t See in 800-53: Now in LOLCAT Form!
• The Authorizing Official and the Lolcat
• IKANHAZFIZMA Does Awareness Training
• Legacy Systems: Where the Catalog Falls Apart and LOLCATS Roam

What do you get when you have too many observers and not enough doers? You get the current state of oversight in the Government’s IT security implementation.  With the focus supposedly switching from building projects to continuous monitoring, it leaves a question lingering in the back of my mind: are the auditors going to switch to near-real-time observation?

Hence, the age-old cybersecurity question:

• Legacy Systems: Where the Catalog Falls Apart and LOLCATS Roam
• Lolcats take on Laws, Sausage, Cyberwhatzits, and PCI
• Desperately Seeking a Cybersecurity Czar^wCoordinator
• Beware the Audit Hammer
• Auditors and LULZ

Best job in the Government today: all the money and a mission to spend it on.  You know the old saying “Either you’re driving the bus or you’re under it”?  Well, these guys drive.

• Preliminary Findings on Cybersecurity Review Now Out
• #RefRef the Vaporware DoS Tool
• Cyber Command Goes LOLCATS
• The Authorizing Official and the Lolcat
• Yet More Security Controls You Won’t See in SP 800-53

A favorite subject for me this week: personnel security, clearances, and being fingerprinted. For those of you who have yet had the joy of being fingerprinted (a task that we reserve for criminals and people who work with/in the Government), you need to adopt a similar pose to what our lolcat is doing.

Oh yeah, the part that they don’t tell you is that they have cool flatbed scanners that don’t require you to get all inked up, they just have to be approved for use.

• Government Akountability Office
• IKANHAZFIZMA and Transparency
• Look Out, Sir Bruce, IKANHAZFIZMA is Coming for You
• Cyber-Ninja Lolcats Caught on Film
• Lolcats and QR Codes

Yes, auditors are the source of many lulz for those of us, mostly because they ask silly questions off of their script.

But hey, it’s a hard job to do, and I have lots of respect for auditors.  A good auditor is worth their weight in fibre runs any day of the week.

• Audit Requirements come to LOLCATS
• Legacy Systems: Where the Catalog Falls Apart and LOLCATS Roam
• Cyber Command Goes LOLCATS
• Continuous Monitoring with LOLCATS
• SCAP in Lulz

While the rest of the world had a nice relaxing weekend preparing for the upcoming election, our Guerilla CISO LOLCATS spent lots of their time tracking down non-patched computers.  Yet another highly-glamorous CISO activity that somehow doesn’t end up in the recruiting posters.  What’s that?  Oh yeah, we don’t really recruit security managers, it’s more like being voluntold.

Sometimes in my less-coherent hours, this is exactly how I picture desktops reaching out to WSUS for those oh-so-critical patches:

• Guerilla CISO Goes Back to Work
• Shmoocon: Less Moose, More LOLCATS
• Lolcats Coming to you from the Cloud
• Lolcats Protect the End Users
• Lolcats and QR Codes