Preventing inside jobs with dynamic security
I was talking to Ilan Meller from Identiwall recently. Ilan was a SVP at CA and his latest company is doing serious work with strong identity and authentication management. They have over a million installed home banking users in Israel.. Ilan told me about three product lines – Identiwall for Secure online transactions, Identiwall VPN […]
Toxic assets
Forrester just started calling lost credit card numbers “toxic asset”. Since when is data that is publicly available toxic?
Bribes as a way of doing business, the Obama Peace Prize
When I talk about employee data security vulnerabilities, I like to bring examples of how gambling or cyber-stalking can threaten an employee and make them vulnerable into being exploited and disclosing or manipulated company information. A competitor or criminal may offer to help with a gambling debt in return for stealing some documents. That’s a […]
Data security for SMB
Yesterday, I gave a talk at our Thursday security Webinar about data security for SMB (small to mid-sized businesses). I’ve been thinking about DLP solutions for SMB for a couple of years now; the market didn’t seem mature or perhaps SMB customer awareness was low, but with the continued wave of data security breaches, everyone […]
Japanese mobile carrier Willcom on the skids
I was in Moscow this week and was pretty disappointed with the Beeline WiMax offering – which basically didn’t work in the area where we were staying (not far from Mendeleevska Metro station) WiMax is not there yet and mobile data is still shaking out. According my buddy Todd Walzer (Todd lives in Tokyo and […]
Two innovative ways to protect your data
It’s a slow news day and I am down to looking for really bizarre ideas for protecting data from trusted insider threats. No. 1 – Get a lot of data in one place but make it totally unsearchable. This is what happened to Usenet – Google’s Abandoned Library of 700 Million Titles. Google bought Deja.com […]
Datat loss prevention conference: DLP-Expert Russia
Friday October 2, 2009 I gave a talk at the data loss prevention conference DLP-Expert in Istra – just ouside of Moscow. I say “just outside” euphemistically, because it took us 4 hours to drive from Domdedovo airport to Istra – a trip of about 80 kilometers. Natalya Kaspersky presented an interesting market survey they […]
Is PCI DSS a failure?
A recent Ponemon survey found 71% of companies don’t consider PCI as strategic though 79% had experienced a breach. Are these companies assuming that a data security breach is cheaper than the security? How should we understand the Ponemon survey. Is PCI DSS a failure in the eyes of US companies? Let’s put aside the technical […]
Overspending on security
From Allan Paller’s testimony before the US Senate I think the quote speaks for itself. Outside the US – it seems even stranger to believe that US companies have enough money for two cyber security organizations paid for by the US taxpayer. However, federal agencies cannot move effectively to more secure systems unless you shift […]
Information security best practices workshops
Every Thursday at 14:00 GMT we host a best practice security workshop online for business professionals, vendors and consultants. There is a short high-quality presentation and we share knowledge gained in the trenches. It’s 20 minutes, it’s free and it’s always a lot of fun. Register Here you will receive a confirmation email with a […]
