A good friend of mine, who was a senior manager at IBM, is now working as a freelance consultant – as he put it: I’m discovering the good (and the bad) of “freelance life” – plenty of free time – but not always when (or where) I want it One of my in-laws has a …
Read more »I think that Data Loss Prevention is great way to detect and prevent payment card and PII data breaches. Certainly, all the DLP vendors think so. Only problem is, the PCI DSS Council doesn’t even have DLP in their standard which pretty much guarantees zero regulatory tail wind for DLP sales to payment card industry …
Read more »Obama’s National Strategy for Trusted Identities in Cyberspace In April President Obama signed the National Strategy for Trusted Identities in Cyberspace (NSTIC) which charts a course for the public and private sectors to collaborate on raising the level of trust associated with identity in online transactions. NSTIC focuses on upgrading outdated password-based authentication systems and …
Read more »Instead of getting some real work done this morning, I started collating some thoughts on cyber security strategy. I guess it’s a lot easier to think about strategies than to fix buggy, risky code. For most people – there are two worlds, the cyberspace world and the physical, people-populated world. This dichotomy of two separate spaces …
Read more »