In music, dissonance is a sound quality which seems “unstable”, and has an aural “need” to “resolve” to a “stable” consonance. Leading up to the Al Qaeda attack on the US on 9/11, the FBI investigated, the CIA analyzed but no one bothered to discuss the impact of Saudis learning to fly but not land airplanes. …
Anything can be measured. As Bertrand Russell wrote – All exact science is based on approximation. If a man tells you he knows a thing exactly, then you can be safe in inferring that you are speaking to an inexact man. This is one of the talks I gave at our weekly Thursday seminar – …
I love how this Cisco video clip on Blip TV starts with examples of DDoS attacks and then uses shots of incoming content filtering and then dramatizes with a cop not allowing a visitor into the booth - what is going on here? Cisco didn’t have budget for an editor who knows the difference between …
At the DLP Expert 2009 conference in Moscow 2 weeks ago I heard the following insight from Bill Nagel from Forrester: American companies are rule-based. 40% of US companies state that they have implemented some form of DLP technology. European companies are principles-based. In EMEA, 80% of chief security officers do not have plans to …
My research article on “Social software – Reconstructing the market boundaries of pharmaceutical sales” was published on the rapidly growing UK healthcare site PharmaPhorum yesterday - one of my first forays outside the data security space in a long time but a direction with a potential to make a big change in the way pharmas …
Sophos has announced that they will soon include endpoint data loss prevention functionality in their anti-virus software. Developed in-house, Sophos will have an independent offering – unlike Websense, RSA, Symantec, Trend Micro and McAfee, who all purchased DLP technology and have integrated it into their product lines with various levels of success (or not). The …
Dissonance between IT and security management. Mark Brewer wrote a thoughtful post on Risk in IT – I liked his use of the term “resilient organizations”, although I have been using the term “robust organizations”. The semantic difference between robustness and resilience may be related to the difference between IT and security management world-views. “Risk …
Back in February 09 I noted that CVS Caremark Corp. had agreed to pay $2.25 million to settle a federal investigation into allegations that it violated HIPAA privacy regulations when pharmacy employees threw items such as pill bottles with patient information into the trash. This morning, 9 months later – I checked the stock performance …
I don’t really understand why anyone would want to pay Google money for Adwords. I ran a little experiment recently to promote our web sites using Google Adwords and Twitter. Here are the results: The results of my little online marketing experiment show a huge advantage for Twitter with focused search phrases in bios over …
The Burton Group have released the results of their research that concludes that Symantec (Vontu), RSA (Tablus) and Websense (Port Authority) are the leading DLP vendors. Burton’s choice is indicative of the Americanization of the information security space, where government compliance regulation and large security vendor marketing agendas appear to drive US customer security decisions. …