Security Leadership
Gas prices may go down and electricity may get cheaper – but In 2009, most of us will have less money to spend and our clients will be tough on pricing and orders. For information security and compliance professionals it is the time to find, implement and enforce cost-effective security countermeasures. BUT HOW?
The worst bugs are the simplest bugs
It is a truism of security that the worst vulnerabilities are usually the simplest – many are configuration bugs or simple design flaws like leaving temp files world read. Many Open Source projects such as Open Clinica use the excellent PostgreSQL database. You get 90% of Oracle at 10% of the weight and for free. […]
Human Shields
Courtesy of a colleague that works at IBM Global Services Amazing how Hamas terrorist are using children as a human shield against IDF snipers http://www.metacafe.com/watch/1387468/hamas_terrorist_using_children_as_a_human_shield/ Danny Lieberman Software Associates Expert security consultants, providing internal security solutions: investigating and preventing data theft and fraud for telecommunications, manufacturing and pharmaceutical companies in Eastern Europe and the Middle […]
The truth about the Palestinian-Israeli conflict
The one-sided UN resolution that didn’t even mention Hamas was not surprising. It’s 14 days into the war on Hamas in Gaza and it appears a good time to share a few brief facts on the Israeli-Palestinian conflict – 1. Nationhood and Jerusalem. Israel became a nation in 1312 B.C.E. Two thousand years before the […]
Would you buy a used car from this company?
Would you buy a security product from a vendor who couldn’t write English properly, didn’t understand fundamentals of data security and pushed the envelope on claims for product functionality? A prospect recently told us that he was using Lumension end point security software – we’re trying to upsell him to a data security solution that […]
What’s in a name?
Would someone explain the difference between Militants and Terrorist Organizations? Do definitions matter? The PCI DSS 1.2 standard confusingly labels anti-virus “threat management” and security folks often confuse a vulnerability (a state of weakness of an asset) with a threat (something or someone that exploits the vulnerability to cause damage to the asset). I guess […]
Buggy software is risky software
Here’s a good example of post-hoc error and buggy software: Courtesy of my wife, from a Microsoft program they are using at work: –Microsoft help tip: “You might want to ask someone you know for help.” Danny Lieberman, specialist preventing data loss because of buggy software and systems
Why Israel is losing the war against terror
It is crucial to ask how we can adopt and execute a sustainable long-term strategy to combat and win the war against Islamic terror. I’m an Israeli and we have seen a series of Israeli governments attempt to combat terror. In most cases, the strategy to combat Palestinian terror centers on worrying what the US […]
Teachers Matter More Than PCs
Just as I was wondering how pumping trillions into banks will solve the GFC (great financial crisis) – along comes Craig Barrett (former CEO of Intel) and tells us that Teachers Matter More Than PCs “We’re bailing out Wall Street, we’ll be bailing out Detroit soon, we’re bailing out the agricultural sector with high subsidies […]
Cloud computing, buzz-word du-jour
The buzzword du-jour in the current economic crash of 2008 is “Cloud Computing”. There are several interesting question around cloud computing – why now, how are people building it, what are people doing with it and what about security. 1) Why now? Back in 2001 after the dot com crash, On-demand / SaaS started picking […]
