It’s always interesting to see if industry analysis stands the test of time, like Dana Gardner (formerly with the Yankee Group, now with Interarbor Solutions) who told Internetnews.com back in 2004 that “Solaris may find fertile ground in the embedded space with a combination of real-time Java and the Solaris operating system”. Hmm. Now there’s …
Read more »One thing that is burnt into my personal flash memory from 7 years at Intel is working in Plan 2009 in September/October. This time of year, I start thinking about how we can survive and grow the business. We all like to think we learn from mistakes, however, recent experiences reminded me that the software …
Read more »Quantity or quality - that is the question! There is a great deal of debate between the supporters of quantitative risk assessment and the supporters of qualitative risk assessment in the security and compliance business. The qualitative people say that since it is impossible to estimate risk as an absolute number such as “87 percent …
Read more »There is an automated self-service fingerprint id system for passport control at Ben Gurion Airport. I was one of the early adopters and stopped after a year of frustrating attempts to get it to recognize my fingers. They were charging 50 sheqels/year for the service – the last thing an Israeli wants is to be …
Read more »just saw a post from a month ago by Jeremiah Grossman from White Hat Security on his blog PCI-DSS references the outdated OWASP Top Ten There are actually a number of more serious technical issues with PCI DSS 1.1 than using the OWASP Top 10 from 4 years ago. Note the definition of vulnerability management …
Read more »I was working on an article on a holistic approach to data leakage, fraud and revenue leakage today. Spend most of my Sunday, reading and trying to summarize some of the work we’ve done with our telecom service provider customers in Israel and Poland. I came across a thread entitled What is the acceptable percentage …
Read more »