Drug counterfeiting, hype or health?

Counterfeiting is a hot issue not only because it hits vendors in the pocket but because of the public health/safety implications. Product counterfeiting ranges from fashion, such as Dolce & Gabbana handbags, and high performance bike frames, such as Specialized Bikes, to faking innovative drugs such as Viagra. The Israeli online business daily “The Marker” recently […]

Imperfect knowledge security

Keeping the organization robust in a highly dynamic threat environment. Our capacity to predict will be confined to . . . general characteristics of the events to be expected and not include the capacity for predicting particular individual events. . . . Yet the danger of which I want to warn is precisely the belief that in […]

Gaming the ratings

A common vulnerability in online ecommerce sites is fraudulent manipulation of user profiles in order to boost the ratings of products in online recommender systems and the overall reputation of the web site. This article, “Unsupervised Retrieval of Attack Profiles in Collaborative Recommender Systems”, casts this problem as a problem of detecting anomalous structure in […]

Security metrics anti-design patterns

I’ve been thinking recently about how most of our clients don’t collect security metrics. Then I got thinking about how there are anti-design patterns that typify firms with a higher level of vulnerability to a major data loss event. Running security is not different from running a business – you have assets and threats, vulnerabilities […]

People should be very frightened of the FSA

Fear is a good deterrent for individuals – but will it work for large corporations? I don’t know, but for sure the UK FSA believes in fear. Financial Services Authority (FSA) chief executive Hector Sants pledged in a confrontational speech last week that the UK regulator would be far more “intrusive and direct” in its […]

Why do people commit crimes?

The president of a prospect was recently discussing with us whether Oracle IRM (information rights management) was a good way of preventing data loss, and a viable alternative to a DLP (data loss prevention) system. Rights management would appear at first blush to be orthogonal to data loss prevention but it’s an interesting question that […]

Reporting to a management board that doesn’t want to listen

Like the warnings on cigarette packets – whistleblowing may be hazardous to your health. HBOS chief risk officer Paul Moore blew the whistle on the bank’s risk exposure and lost his job. Last week, the UK Treasury Select Committee heard allegations from Moore (who was sacked by Sir James Crosby in 2005) – […]

A strategic inflection point in the security industry

Compliance is like being at all the rehearsals with a sharp pencil and playing your part perfectly – but not showing up to the gig. Being inside a strategic inflection point of change is like waking up during your own murder. Inside a strategic inflection point of change, the people inside the system are not […]

Fraud, energy derivatives trading

Fraud has become a big issue in energy derivatives trading. A former Bank of Montreal (BMO) natural gas trader pled guilty in November 2008 to intentionally mismarking trades, resulting in over $800 million of fraud-related trading losses. The interesting part in the item on EmpireStateNews.Net was that the natural gas trader pleaded guilty to […]

Would you buy a used car from this company?

Would you buy a security product from a vendor who couldn’t write English properly, didn’t understand fundamentals of data security and pushed the envelope on claims for product functionality? A prospect recently told us that he was using Lumension endpoint security software – we’re trying to upsell him to a data security solution that […]