Imperfect knowledge security

A few months ago I wrote about The Black Swan of Security – how major data loss events have 3 common characteristics – 1) A major data loss event appears as a complete surprise to the company. 2) Data loss has a major impact to the point of maiming or destroying the institution (note […]

Foreign Corrupt Practices Act: The DoJ and SEC Are Coming

There is compliance to industry regulation like PCI DSS 1.2 which is aimed at consumer protection and then there is compliance to government regulation like the FCPA which is aimed at maintaining a high ethical level of behavior and ensuring a level playing field of business. For a large global company like Monsanto, Merck or […]

Data discovery and organization

The problem is that you know where you start, you don’t know where you finish and you will always have trouble organizing the useful references you collect on the way. After a call with a client, I started investigating how to provide high value scientific data in a social network for doctors and medical representatives […]

Open Access publishing

The GM of a prospect recently asked me how to control disclosure of internal research documents prior to publication.  It had come as a revelation to him that anyone can post on a blog without permission from a central secretariat.  I asked him how they control face-to-face information exchange with colleagues or competitors outside the […]

Obama cyberspace policy review

Last week, I got an email from the Internet Security Alliance (a trade association of companies like Raytheon and Northrop Grumman that lobbies the government on cyber-security issues) with Melissa Hathaway’s speech to the RSA Security conference. Besides all the touchy-feely stuff – I didn’t understand anything she is saying (and I’m a native English speaker). […]

Joshua Redman vs James Carter Live At Carnegie Hall

The ultimate battle of the tenor saxophone masters – Joshua Redman and James Carter live at Carnegie Hall, an unbelievable exhibition of technique, improvisation and sound. I would give Redman slightly higher marks on sound and Carter slightly higher marks for his incredible use of the altissimo register. But besides that – words are not enough.

Postgresql 8.4 or MySQL

MySQL now belongs to Oracle – Oracle’s track record on keeping acquisitions alive is mixed. If you want a real database that is extremely Oracle compliant (PLpgSQL is very close to PL/SQL) look no further than the harder (more secure), better, faster Postgresql 8.4, the world’s most advanced Open Source database. Using the new […]

BizSpark

I just got an invite to Bizspark from thefunded.com: “Microsoft® BizSpark™ is a global program designed to help accelerate the success of early stage startups by providing key resources”; basically free development software and a hook into a community of potential investors. A lot of the comments on techcrunch were of a religious nature, calling […]

Data security case study

A lot of companies do V/A (vulnerability assessments) with scanners like Beyond Security or Nessus.  We took a hybrid approach for an internal security assessment using a Fidelis Security Systems network DLP appliance for detecting data loss vulnerabilities and structured human interviews to identify assets and analyze business threats such as competitors who might steal […]