Insecurity by compliance

If a little compliance creates a false sense of security, then a lot of compliance regulation creates an atmosphere of feeling secure, while most businesses and Web services are in fact very insecure. Is a free market democracy doomed to suffer from privacy breaches – by definition? My father is a retired PhD […]

The valley of death between IT and information security

IT is about executing predictable business processes. Security is about reducing the impact of unpredictable attacks to your organization. In order to bridge the chasm – IT and security need to adopt a common goal and a common language – a language of customer-centric threat modelling. Typically, when a company (business unit, department or […]

How to remove malware from a Windows PC

We provide software security, threat modeling and threat mediation in the medical device and healthcare space working with technology developers in Israel. How does this work? We evaluate your healthcare software system or medical device from an attacker point of view, then from the management team point of view, and then recommend specific detailed action steps […]

The root cause of credit card data breaches in Israel

In my previous post – “The Israeli credit card breach” I noted that there are 5 fundamental reasons why credit cards are stolen in Israel. None have to do with terror; 4 reasons are cultural and the 5th is everyone’s problem: “confusing compliance with security”. After reading the excellent article by Sarah Leibowitz-Dar in the Maariv […]

How to reduce risk of a data breach

Historical data in log files has little intrinsic value in the here-and-now process of event response and mediation, and compliance checklists have little direct value in protecting customers. Software Associates specializes in helping medical device and healthcare vendors achieve HIPAA compliance and improve the data and software security of their products in hospital and […]

The connection between porn, fraud and data breaches

Are organizations with higher exposure to online porn and gambling more likely to have a higher incidence of data breach incidents? On the heels of recent Israeli credit card breach incidents, the reports of suspected fraud and money laundering at ICC CAL are bad timing at the very least for Israeli security and compliance. Last […]

The Israeli credit card breach

There are 5 reasons why credit cards are stolen in Israel. None have to do with terror; 4 reasons are cultural and the 5th is everyone’s problem: “confusing compliance with security”. I could write a book on mismanagement of data governance and compliance, data security, web server security, web application software security. In 2003, I […]

What is the best project management software for a startup

Somehow I got roped into a thread on Quora and noticed this item (http://www.quora.com/What-is-the-best-online-project-management-software-for-a-startup). Lots of people shilling their Web 2.0 SaaS services for project management, but at the end of the day, you have to ask why a startup even needs project management software. I’ve been through a few startups either as founder or CTO […]

Apps vs. the Web, enemy or friend?

Saw this item on Gigaom. George Colony, the chairman and CEO of Forrester Research, re-ignited a minor firestorm recently, with a presentation at the LeWeb conference in which he argued that the web is dead, and being replaced by the app economy — with mobile and smartphone apps that leverage the cloud or other services rather than […]

Problems in current Electronic Health Record systems

Software Associates specializes in helping medical device and healthcare technology vendors achieve HIPAA compliance and improve the data and software security of their products in hospital and mobile environments. As I noted here and here, the security and compliance industry is no different from other industries in having fashion and trends. Two years ago, PHR (Personal […]