Are you on your firewall, while your employees are on Gmail?
Pop question No. 1: What percent of your employees send sensitive company documents to their Gmail accounts? Pop question No. 2: When you layoff 15 percent of your workforce, should you fire the information security manager a) First, b) Last or c) Give her an incentive to help ensure that a data breach of […]
Social contracts for cyber security
An information security industry trade association (the ISAlliance – Internet Security Alliance) has been promoting the notion of a social contract between government and the private sector to improve cybersecurity. The ISAlliance includes representatives from Verizon, the National Association of Manufacturers, Nortel, the CyLab at Carnegie Mellon University, Raytheon, and Northrop Grumman. According to the […]
Agency Accidentally Posts Social Security Numbers Online
I think the expression is – “the road to hell is paved with good intentions”. I got wind of this data breach event from the IS Alliance. As reported by WFTV Orlando – Social security numbers for 250,000 people were posted online by mistake, and a state agency is facing serious questions about why it […]
Great achievements involve great risk
Is it possible to have good kharma in information security – when you’re trying to keep the bad guys off your network (firewall, IPS) and keep the good suff inside (data loss prevention) and maintain good internal security (network surveillance)? I got a Powerpoint slide show in the email this morning from my friend Jeff […]
Ex-Intel worker charged with $1B data theft
Big time data theft event, this time by an employee leaving Intel to go to work for AMD. A Worcester, Mass. man has been charged with stealing trade secrets worth more than $1 billion. Biswamohan Pani, 33, was indicted for allegedly stealing trade secrets from Intel’s Hudson, Mass. facility and downloading confidential documents from Intel […]
Industry indicators
Are test equipment sales a bellwether of the telecommunications and technology industry prospects? I have been looking for macro indicators of what will happen in the telecommunications industry. We specialize in data security for telecommunications. Data security is a big issue for companies in flux – firing employees, turning more to outside contractors and merging […]
Netwitness – next generation network traffic analysis
Imagine Harrison Ford doing traffic analysis on your network. Hmm – there’s a thought. The US-based company – Netwitness has been making a lot of noise lately about their “next generation” capability to perform full session reassembly and threat analysis from packet capture. This is a great feature to have for traffic analysis that has […]
The death of risk assessment
We saw the movie “Blood Diamonds” last night; the way some companies practice IT risk management reminds me of TIA – “This is Africa”. Joseph Granneman talks about some of the problems with conventional IT risk assessment on Searchsecurity.com Risk assessment, as currently practiced in information security, is dead. I’m not saying we need to […]
Spector 360, data loss prevention tool?
Remember the “The Phil Spector Sound”? (I grew up on rock and roll just outside of Philly and when you say Spector, I associate it with Phil Spector or Arlen Spector – my mind is just wired that way…. A business partner of ours in a developing country asked me a security product question today. […]
Bank employee steals 100,000 sheqels
This is a classic case of trusted insider threat – as reported by yesterday’s morning paper – “Israel Today”: ( i assume that this has been under investigation for a while so the actual event may have happened over a year ago…). The arrest sheet in the Tel Aviv district court depicts collusion between an […]
