Tag: ethics

  • Procedures are not a substitute for ethical behavior

    Are procedures  a substitute for responsible and ethical behavior? The  behavior of former secretary  of  State (and Presidential race loser) Hilary Clinton is an important example of how feeling entitled is not the exclusive domain of under 20-somethings. When we do a threat analysis of medical devices, we try to look beyond the technical security […]

  • Why data leaks

    The 6 key business requirements for protecting patient data in networked medical devices and EHR systems: Prevent data leakage directly of ePHI (electronic protected health information) from  the device itself, the management information system and or the hospital information system interface. Data loss can be protected directly using network DLP technology from companies like Websense […]

  • Why big data for healthcare is dangerous and wrong

    The Mckinsey Global Institute recently published a report entitled – Big data: The next frontier for innovation, competition, and productivity . The Mckinsey Global Institute report on big data is no more than a lengthy essay in fallacies, inflated hyperbole, faulty assumptions, lacking in evidence for its claims and ignoring the two most important stakeholders of […]

  • Data Classification and Controls Policy for PCI DSS

    Do you run an e-commerce site? Are you sure you do not store any payment card data or PII (personally identifiable information) in some MySQL database? The first step in protecting credit card and customer data is to know what sensitive data you really store, classify what you have  and set up the appropriate security […]

  • The valley of death between IT and information security

    IT is about executing predictable business processes. Security is about reducing the impact of unpredictable attacks to a your organization. In order ot bridge the chasm – IT and security need to adopt a common goal and a common language – a language  of customer-centric threat modelling Typically, when a company ( business unit, department or […]

  • Ehud Barak, information leaks and political activism

    What do Anat Kamm, Ehud Barak and Meir Dagan have in common? Ehud Barak is current Israeli Minister of Defense, former IDF Chief of Staff and former Prime Minister  that led the disastrous withdrawal from Lebanon that fomented Intifada II and then Lebanese War II.  Barak is famous for quotes like “If I was a Palestinian, I […]

  • The political power of social media

    Clay Shirky writes on Foreign Affairs this week Arguing for the right of people to use the Internet freely is an appropriate policy for the United States, both because it aligns with the strategic goal of strengthening civil society worldwide and because it resonates with American beliefs about freedom of expression By switching from an […]

  • Why less log data is better

    Been a couple weeks since I blogged – have my head down on a few medical device projects and a big PCI DSS audit where I’m helping the client improve his IT infrastructure and balance the demands of the PCI auditors. Last year I gave a talk on quantitative methods for estimating operational risk of […]

  • The ethical aspects of data security

    Ethical breaches or data breaches. I was standing in line at Ben Gurion airport, waiting for my bag to be x-rayed. A conversation started with a woman standing next to me in line. The usual sort – “Where are you traveling and what kind of work do you do?”. I replied that I was traveling […]

  • The economics of software piracy

    One year ago this time was World Cup season and Mondial fever put a lot of regional conflicts on the back burner for a month – not to mention put a dent in a lot of family budgets (husbands buying the latest 60 inch Sony Bravia and wives on retail therapy while the guys are […]

1 2 3 6
Next Page