Author Archives: peterhgregory

About peterhgregory

Published author of over forty books on security and technology, including Solaris Security, CISSP Guide to Security Essentials, and IT Disaster Recovery Planning for Dummies.

Linksys Velop: Day 1

WiFi in our mid-century split level home has never been pleasant. Built with heavier framing and flooring materials than are used today, compounded by a massive brick chimney that acts like a blockade across the middle of the home, WiFi signals have a hard time getting around.

We are Xfinity broadband customers, and the service has been highly reliable. We have used a mid-grade Linksys access point on 2.4 and 5 GHz, with Linksys repeaters at each end of the home to get signal into the entire home. All these are on the main level; downstairs suffers a bit but it’s not too bad.

I have a detached home office out back, connected by a hard Ethernet line and an Apple Airport Time Capsule for WiFi and backing up my three Mac computers.

Back to the main house. The real problem with WiFi was that we had to connect to different access points depending on where we were in the house. WiFi signals overlap, so often we’d be on one access point with a really weak signal and poor throughput, and would have to manually reconnect to a closer access point for better performance. I was growing weary of this.

I’ve been reading reviews (such as this one, and another from PC Magazine) of Grid WiFi systems for months, and put my money down on a Linksys Velop system.

I unboxed the system yesterday and started to set it up. I put the first one in the upstairs hallway on a table, where I could run an Ethernet connection back to the Xfinity modem and where there was power nearby. I downloaded the mobile app (which you must use for setup).

I ran into what is apparently a bug in the setup program, the access points, or both. The Linksys unit should have received a DHCP address from the Xfinity modem, but it didn’t know that it did, and it complained that it did not have an Internet connection.  I struggled with this for over an hour. I finally assigned a fixed IP address to the first Velop unit, and confirmed on the Xfinity modem that it was indeed connected.  However, the Velop unit bitterly complained that there was no Internet connection. Frustrated, I finally decided I was going to ignore this for the moment and proceed with configuration of the Velop unit anyway. I configured the SSID, guest wireless, and other settings. The mobile app was really great for this, and made it really easy.

So here was the surprise. After setting up the first Velop unit, its LED was glowing bright red, meaning no internet connection. But I thought, what the heck, and I connected to it anyway. I went to my favorite speed test site, and voila, I was in fact connected to the internet and was getting great throughput (82Mbit/s on my 80Mbit/s service). The Velop unit’s red LED says one thing, although the mobile app did say everything was fine.

I proceeded to set up the other two Velop units. The mobile app guided me through this and it was a breeze. Each unit took just 5-10 minutes, including downloading the latest firmware updates automatically.

The LED on each unit glows bright red, but the system is working pretty well.

I configured two of my Macbook Pros to use the new WiFi, as well as my iPhone. My wife reconfigured the master bedroom television to use the new system as well.  Our downstairs guests are using the guest access, and they told us that it seemed faster than what they were using before.

Our Ring doorbell does not seem to like the Velop unit. But to be fair, I probably should have reconfigured the Ring in the location where it is used. For now, we can’t get a live view but it does send alerts. I will try again tomorrow.


McGraw-Hill and Peter H Gregory Partner to Publish CISM Study Guide

Peter H. Gregory


Seattle, WA – March 12, 2018 – Author Peter H. Gregory has announced that his latest book, “CISM Certified Information Security Manager All-In-One Exam Guide,” has just been published. The book will be available in paperback and electronic editions worldwide.

Peter H Gregory is a well-known author of books on many topics in information security, including certification study guides for CISSP, CISA, and CISM. He has authored over forty books in the past twenty years, beginning with “Solaris Security,” which he wrote in 1998-1999 in the midst of the dot-com boom when most servers on the Internet were powered by the Solaris operating system from Sun Microsystems, and when internet security was just becoming a concern.

“We’re pleased to have partnered with best-selling author Peter Gregory to create CISM All-in-One to support senior cybersecurity professionals who want to achieve this gold standard certification,” said Wendy Rinaldi, Editorial Director for the International & Professional Group at McGraw-Hill Education. “The breadth of knowledge and experience needed to become a CISM is enormous, and our All-in-One series provides a complete study solution as well as reference for after the exam.”

Gregory has long been passionate about helping aspiring security professionals break into the information security profession. For eight years he was the lead instructor for the University of Washington professional and continuing education in a nine-month course on cyber security, helping mid-career IT professionals pivot into security careers.

“The fact that McGraw-Hill agreed to publish this book on the CISM certification is a testament to the prestige of this certification that was first released in 2002,” said Gregory. “There is a critical shortage of program-level security professionals, and the CISM certification is the best mainstream certification on security management available today.” To date, over 30,000 professionals have earned the CISM, according to ISACA, the organization that manages CISM and other certifications.

About McGraw-Hill Education

McGraw-Hill Education is a learning science company that delivers personalized learning experiences that help students, parents, educators and professionals drive results. McGraw-Hill Education has offices across North America, India, China, Europe, the Middle East and South America, and makes its learning solutions available in more than 60 languages. Visit us at or find us on Facebook or Twitter.

About Peter H Gregory

Peter H Gregory is a career information security and technology professional who is an executive advisor and virtual CISO for clients in North America. He is the author of over forty books on information security and emerging technology. Visit him at

For interviews with Peter H Gregory, please contact at:

# # #

You are free to disseminate this news story. We request that you reference Peter H Gregory and McGraw-Hill and include our web addresses, and


Nobody Reviews Logs Any More

Systems create event logs that are sometimes the only indicator that something is amiss. The original design intention of logs is that they exist for one of two purposes: to review on a periodic basis as a way of looking for unwanted events, and for forensic purposes in case an incident or breach happens – so that investigators can piece the clues together and see whether the butler did it with a candlestick (if you don’t know the game, Clue!, then just ignore our pithy humor).

We remember “back in the day” when sysadmins would check logs first thing in the morning to see what was amiss. But as sysadmins got busier, guess what was the first daily task to fall by the wayside: you got it – reviewing logs. Soon after, the mere existence of logs was practically forgotten. Logs had become only a forensic resource – but in order for them to be useful, you must know that an unwanted event has occurred!

Enter the Security Information and Event Management system, or SIEM for short. A SIEM does what no sysadmin could ever do: it monitors log entries from all systems and network devices in real time, correlates events from various systems and devices, and automatically creates actionable alerts on the spot when unwanted events occur.

Not everyone has a SIEM. Many of those who don’t, don’t review logs either. We strongly discourage this form of negligence, for it is essential that an organization be aware of what is happening in its environment.

 – excerpt from an upcoming book
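A minimal sketch of the cross-system correlation described above, added here as an illustration; it is not taken from the book or from any SIEM product. The log format, host names, threshold and time window are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, as if already normalized from three hypothetical hosts.
SAMPLE_LOGS = [
    "2018-03-01T02:14:05 vpn01 auth FAIL user=jsmith src=203.0.113.7",
    "2018-03-01T02:14:40 mail01 auth FAIL user=jsmith src=203.0.113.7",
    "2018-03-01T02:15:10 vpn01 auth FAIL user=jsmith src=203.0.113.7",
    "2018-03-01T02:16:02 web01 auth FAIL user=jsmith src=203.0.113.7",
    "2018-03-01T02:16:30 web01 auth OK user=jsmith src=203.0.113.7",
    "2018-03-01T02:20:00 mail01 auth FAIL user=adavis src=198.51.100.20",
    "2018-03-01T02:20:20 mail01 auth OK user=adavis src=198.51.100.20",
    "2018-03-01T03:00:00 web01 auth FAIL user=bwong src=198.51.100.31",
    "2018-03-01T03:10:00 web01 auth FAIL user=bwong src=198.51.100.31",
    "2018-03-01T03:20:00 web01 auth FAIL user=bwong src=198.51.100.31",
    "2018-03-01T03:30:00 web01 auth FAIL user=bwong src=198.51.100.31",
    "2018-03-01T03:31:00 web01 auth OK user=bwong src=198.51.100.31",
]

WINDOW = timedelta(minutes=5)   # assumed correlation window
THRESHOLD = 4                   # assumed number of failures that makes a success suspicious

def parse(line):
    ts, host, _facility, outcome, *kv = line.split()
    fields = dict(item.split("=", 1) for item in kv)
    return datetime.fromisoformat(ts), host, outcome, fields["user"], fields["src"]

def correlate(lines, window=WINDOW, threshold=THRESHOLD):
    """Alert when an account fails >= threshold times on >= 2 hosts within the window, then succeeds."""
    recent = defaultdict(deque)          # user -> (timestamp, host) of recent failures
    alerts = []
    for ts, host, outcome, user, src in sorted(map(parse, lines)):
        fails = recent[user]
        while fails and ts - fails[0][0] > window:
            fails.popleft()              # forget failures older than the window
        if outcome == "FAIL":
            fails.append((ts, host))
        elif outcome == "OK":
            hosts = sorted({h for _, h in fails})
            if len(fails) >= threshold and len(hosts) >= 2:
                alerts.append({"user": user, "time": ts.isoformat(), "src": src,
                               "failures": len(fails), "hosts": hosts})
            fails.clear()
    return alerts

if __name__ == "__main__":
    print(correlate(SAMPLE_LOGS))
```

No single host's log shows more than two failures for the flagged account; the pattern only appears once the three sources are merged and ordered by time.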


Audit Seeding

Management may spend considerable time and energy making sure that personnel understand one thing when dealing with auditors: specifically answer the question that the auditor asked, not the question the auditor should have asked; and do not volunteer any information.

There is, however, a useful technique that management (and only management) sometimes uses when working with auditors. I prefer to call this seeding the audit results.  Similar to the technique of cloud seeding, where rain clouds are seeded with substances to cause them to release rain, management can use audit seeding as a way of ensuring that auditors are aware of specific situations that they are willing to include in their audit report. The purpose of audit seeding is generally the creation of an audit issue that will permit management to prioritize an initiative to improve the business.

For example, external auditors are examining access controls, an area where a security manager has had difficulty obtaining funds to make key improvements. While in a discussion with auditors, the security manager may choose to illuminate particular actions, inactions, or other situations in access control processes or technology that the auditor might not have otherwise noticed.

Persons who are considering audit seeding must have a thorough understanding of the subject matter, the controls being tested, the procedures and technologies in play, the auditing methodology in use, and a bit of grit. Audit seeding may be considered a daring move that may have unforeseen results. Finally, persons considering audit seeding must not make auditors feel they are being manipulated, as this could have greater consequences. Instead, management is simply making auditors aware of an important aspect of a control they are auditing.

— excerpt from CISM All-In-One Study Guide


Information Security and Business Continuity Planning Share Common Ground

An analysis of threats that are considered in most risk assessments should prompt the reader to think of natural and man-made disasters that, when they occur, invoke business contingency plans to assure continuity of critical services. It is not an accident that information security and business continuity planning have a lot in common. Risk assessments are often designed to amply serve both efforts. Indeed, one may argue that business continuity planning is just a branch of information security – the common objective for both is the protection and availability of critical assets and functions.

— Excerpt from CISM All-In-One Study Guide


The Fifth Option in Risk Treatment

For decades, risk management frameworks have cited the same four risk treatment options: accept, mitigate, transfer, and avoid. There is, however, a fifth option that some organizations select: ignore the risk.

Ignoring a risk is a choice, although it is not considered a wise choice.  Ignoring a risk means doing nothing about it – not even making a decision about it. It amounts to little more than pretending the risk does not exist. It’s off the books.

Organizations without risk management programs may be implicitly ignoring all risks, or many of them at least. Organizations might also be practicing informal and maybe even reckless risk management – risk management by gut feel. Without a systematic framework for identifying risks, many are likely to go undiscovered. This could also be considered ignoring risks through the implicit refusal to identify them and treat them properly.

— excerpt from an upcoming book on risk management

Prior password hygiene comes home to roost

This week I received a notice from suggesting that my user account from had been compromised. In this case, the breach was fairly significant, according to Have I Been Pwned, indicating that mail addresses, passwords, usernames,  and website activity were among the compromised data.

Wow. I hadn’t even thought of that service in years. A quick check at Wikipedia shows they are still in business, but I had forgotten about, probably because and Pandora had garnered my music listening attention.

I looked in my password vault to see what my password was.  I found there was no entry for This is especially troubling, since there is a possibility that the password I used for is used elsewhere (more on that in a minute).  I still have one more password vault to check, but I don’t have physical access to that until tomorrow. Hopefully I’ll find an entry.

In any event, I’ve changed my password at  But not knowing what my prior password was is going to gnaw at me for a while.

Occurrences like this are another reason why we should all use unique, hard to guess passwords for each web site. Then, if any web site is compromised and that compromise reveals your password, you can be confident that no other web sites are affected.