Ethics and data loss prevention
Are we loving the attackers and prosecuting the victims? In data security – I don’t subscribe to utilitarian ethics (which attempts to balance the benefit versus the damage of an act) and can lead to the ends justifying the means. For data security and compliance – I personally implement the “Ten commandments” approach – if […]
N Digital TV data breach in Poland
Polish digital TV broadcaster N (owned by ITI Neovision) has disclosed a breach of customer data records – after PII was discovered accidentally on the Net by a subscriber via a search engine. The partner who manages our offices in Warsaw (the team specializes in high end data security consulting and DLP projects in Central […]
Data security – is psychology more important than technology?
We had a discussion with a prospect for a DLP (data loss prevention) system) that started with discussing the pros and cons of various DLP solutions (Verdasys, Mcafee DLP, Websense, Fidelis Security) and finished with a drill-down into how they can build a business case to acquire and implement data security technology. After a very […]
Exploiting a wireless mesh network for utilities
I think it’s only a matter of time before someone exploits a wireless mesh network that controls and reads home utility meters to get free water and electricity. Until then, there is a problem of range and coverage. Greentech media reports that Trilliant ( a smart meter neighborhood networking startup) has bought SkyPilot for it’s […]
Part I – Pharmas and social networking
I was talking to some folks at a big global pharma last week and I discovered that pharma doesn’t like social networking. (Give me a break – I’m a software security guy, I think about these things in terms of threats to intellectual property and I thought everyone “gets” social networking). If you understand how […]
Less regulation, increased data security
Data security compliance regulation such as PCI DSS 1.2 is a double-edged sword – as a security checklist it’s an important step for the payment card industry but too much regulation, especially for small to mid-sized businesses is too much of a good thing. As my maternal grandmother, who spoke fluent Yiddish would yell at […]
The role of leadership in protecting data
Is a little fear in the workplace a good thing? Management Rewired, is a new book by the consultant Charles Jacobs. Instead of standardized procedures, dictated targets and harsh but true feedback, Jacobs suggests we’ll get better results “if, rather than trying to thwart their natural inclinations, we just accept how people behave and make […]
What is a DLP solution?
These days everyone has a DLP solution – it’s like a Dilbert cartoon. The latest and definitely most effective DLP product is – you guessed it – the venerable Cheyenne Arcserve Backup. I got this in the email today. THIS FEATURED DOWNLOAD SPONSORED BY: CA IT Problem: IT managers are expected to withstand a wide […]
Imperfect knowledge security
Keeping the organization robust in a highly dynamic threat environment Our capacity to predict will be confined to . . . general characteristics of the events to be expected and not include the capacity for predicting particular individual events. . .Yet the danger of which I want to warn is precisely the belief that in […]
Pharmas, Web 2.0 and regulation
For a change – ethics based regulation that differentiates between the medium and the message. Dr. Jean Ah Kang, works at DDMAC and is in charge of Web 2.0 policy development. She speaks very well at her interview with Mark Senak, a regulatory affairs lawyer ( eyeonfda.com ). Here is the podcast: FDA’s views and […]
