Tag: Security vendors

  • Why your IT vendor doesn’t want you to do a risk analysis

    Did you ever have a feeling that your IT integrator was treating you like a couple of guys selling you a Persian rug?  “Take it now – it’s so beautfiful, just perfect for your living room, a steal  for only $10,000 and it’s on sale” and when you ask if it will last, they tell […]

  • Why Pentagon cyber strategy is divorced from reality.

    From the recent September/October 2010 issue of Foreign Affairs – William Lyn U.S. Deputy Secretary of Defense writes about defending a new domain. The  long, eloquently phrased article, demonstrates that the US has fundamental flaws in it’s strategic thinking about fighting terror: Predicting cyberattacks is also proving difficult, especially since both state and nonstate actors […]

  • Multi-factor authentication for home banking

    For fear of becomming(sic) the next victim of identity theft, 150 million U.S. consumers don’t bank online, according to experts. But the banking industry could improve profitability by as much as $8.3 billion per year if banks build consumers’ confidence in online security, according to the TriCipher Consumer Online Banking Study, conducted by Javelin Strategy […]

  • Information security: Is psychology more important than technology?

    I believe that 3 psychological reasons are the root cause of why many organizations worldwide do not take a leadership position in enterprise information protection. Preventing information security events is an admission of weakness. Why spend money on technology when the first step is admitting that you’re vulnerable? We live in an age of instant […]

  • Is security a washing machine?

    Most security appliance vendors use fluffy charts with a 4 step “information risk management” cycle. It’s always a 4 step cycle, like Symantec’s DLP  “Discover, Monitor, Protect and Manage” and it’s usually on a circular chart but sometimes in a Gartner-style magic quadrant or on a line. It’s like a washing machine cycle that never […]

  • Risk Assessment is a threat to vendors

    I took a couple hours out from work today to pop over to Infosec 2008 in Airport CIty. I don’t normally go to these events unless I’m invited to speak – but it is a good networking opportunity and chance to reconnect with old friends and colleagues. Whenever I go somewhere – I’m always looking […]