My daughter was distressed yesterday after the Feds shutdown the megaupload file sharing site – “How am I going to see all those series and Korean movies I love? It’s not fair!” The FBI have been after Mr Dotcom for 8 years. His big problem was not the file sharing but his other criminal activities. …
Read more »Sturm und Drang is associated with literature or music aiming to frighten the audience or imbue them with extremes of emotion”. The Symantec Internet Security Threat Report is a good example of sturm und drung marketing endemic in the information security industry. Vendors like Symantec sell fear, not security products, when they report on “Rises on Data …
Read more »
Let’s say your’e a payment processor going through a PCI DSS 2.0 audit: Does this sound familiar? (just replace certain words by certain other compliance related words): Without realizing how it had come about, the combat men in the squadron discovered themselves dominated by the administrators appointed to serve them. They were bullied, insulted, harassed …
Read more »Been a couple weeks since I blogged – have my head down on a few medical device projects and a big PCI DSS audit where I’m helping the client improve his IT infrastructure and balance the demands of the PCI auditors. Last year I gave a talk on quantitative methods for estimating operational risk of …
Read more »Ethical breaches or data breaches. I was standing in line at Ben Gurion airport, waiting for my bag to be x-rayed. A conversation started with a woman standing next to me in line. The usual sort – “Where are you traveling and what kind of work do you do?”. I replied that I was traveling …
Read more »One year ago this time was World Cup season and Mondial fever put a lot of regional conflicts on the back burner for a month – not to mention put a dent in a lot of family budgets (husbands buying the latest 60 inch Sony Bravia and wives on retail therapy while the guys are …
Read more »There are some good reasons why cloud computing is growing so rapidly. First of all there are the technology enablers: Bandwidth and computing power is cheap. Software development is more accessible than ever. Small software teams can develop great products and distribute it world wide instantly. But cloud computing goes beyond supply-side economics and directly …
Read more »Yes – there is apparently a White House directive to keep Wikileaks documents off Federal networks – according to a directive from the White House Office of Management & Budget on the treatment of classified documents. WASHINGTON, Nov 29 (Reuters) – The United States said on Monday that it deeply regretted the release of any classified …
Read more »Is there any conceivable reason why should not run your security operation like you run your core business? The sales people in your firm have sales quotas and are measured by gross profit margin and collections. The people who run manufacturing and distribution have quotas for manufacturing throughput and inventory cycle times. So why shouldn’t your …
Read more »Over 6 years after the introduction of the first data loss prevention products, DLP technology has not mainstreamed into general acceptance like firewalls. The cultural phenomenon of companies getting hit by data breaches but not adopting technology countermeasures to mitigate the threat requires deeper investigation but today, I’d like to examine the psychology of data security …
Read more »