If a little compliance creates a false sense of security then a lot of compliance regulation creates an atmosphere of feeling secure, while in fact most businesses and Web services are in fact very insecure. Is a free market democracy doomed to suffer from privacy breaches – by definition? My father is a retired PhD …
Read more »IT is about executing predictable business processes. Security is about reducing the impact of unpredictable attacks to a your organization. IT and security adopt a common goal and a common language – a language of customer-centric threat modelling Typically, when a company ( business unit, department or manager) needs a line of business software application, IT …
Read more »We provide software security, threat modeling and threat mediation in the medical device and healthcare space working with technology developers in Israel. How does this work? We evaluate your healthcare software system or medical device from an attacker point of view, then from the management team point of view, and then recommend specific detailed action steps …
Read more »In my previous post – “The Israeli credit card breach” I noted that there are 5 fundamental reasons why credit cards are stolen in Israel. None have to do with terror; 4 reasons are cultural and the 5th is everyone’s problem: “confusing compliance with security. After reading the excellent article by Sarah Leibowitz-Dar in the Maariv …
Read more »Historical data in log files has little intrinsic value in the here-and-now process of event response and mediation and compliance check lists have little direct value in protecting customers. Software Associates specializes in helping medical device and healthcare vendors achieve HIPAA compliance and improve the data and software security of their products in hospital and …
Read more »Are organizations with higher exposure to online porn and gambling more likely to have a higher incidence of data breach incidents? On the heels of recent Israeli credit card breach incidents, the reports of suspected fraud and money laundering at ICC CAL are bad timing at the very least for Israeli security and compliance. Last …
Read more »There are 5 reasons why credit cards are stolen in Israel. None have to do with terror; 4 reasons are cultural and the 5th is everyone’s problem: “confusing compliance with security“. I could write a book on mismanagement of data governance and compliance, data security, web server security, web application software security. In 2003, I …
Read more »Somehow I got roped into a thread on Quora and noticed this item http://www.quora.com/What-is-the-best-online-project-management-software-for-a-startup Lots of people shilling their Web 2.0 SaaS services for project management but at the end of the day, you have to ask why a startup even needs project management software. I’ve been thru a few startups either as founder or CTO …
Read more »Saw this item on Gigaom. George Colony, the chairman and CEO of Forrester Research, re-ignited a minor firestorm recently, with a presentation at the LeWeb conference in which he argued that the web is dead, and being replaced by the app economy — with mobile and smartphone apps that leverage the cloud or other services rather than …
Read more »Are technical privacy controls a substitute for responsible human behavior? In the business environment, management leadership from the front on data security and privacy is a more effective (as in cheaper and stronger) countermeasure than technology when it comes to mitigating trusted insider threats. In the family environment, we traditionally see parents as responsible for …
Read more »