A buyer’s guide to network DLP
My friend David Etue, who is VP Product Management over at Fidelis Security Systems, has been writing a work in progress over the past couple years called A buyer’s guide to network DLP. As David writes – Network data leakage prevention (network DLP) is the process of stopping the unauthorized disclosure of digital assets out […]
Using threat modeling to select and justify security purchases
Hot humint straight in from the field of data security. I don’t have Symantec’s marketing budget and head count or Gartner reports telling me that enterprise concerns about high impact data loss events are up. By my clients, data security awareness is up, but budgets are down and out. I think that vendors with strong […]
Why do people commit crimes?
The president of a prospect was recently discussing with us whether Oracle IRM (information rights management) was a good way of preventing data loss, and a viable alternative to a DLP (data loss prevention) system. Rights management would appear at first blush to be orthogonal to data loss prevention but it’s an interesting question that […]
Reporting to a management board that doesn’t want to listen
Like the warnings on cigarette packets – whistle blowing may be hazardous to your health. HBOS chief risk officer Paul Moore blew the whistle on the bank’s risk exposure and lost his job. Last week, the UK Treasury Select committee heard allegations from Moore (who was sacked by Sir James Crosby in 2005) – […]
A strategic inflection point in the security industry
Compliance is like being at all the rehearsals with a sharp pencil and playing your part perfectly – but not showing up to the gig. Being inside a strategic inflection point of change is like waking up during your own murder. Inside a strategic inflection point of change, the people inside the system are not […]
Speed is everything
If you think everything is under control, you are certainly not going fast enough. Mario Andretti, Formula 1 driver. I saw this quote today and I was reminded of a takeaway from Andy Grove’s book – “Only the paranoid succeed”. […]
Microsoft browser vulnerabilities and the police
The Polish Police did an IT modernization project in 2008 for installing mobile terminals in police cars. The software in the mobile terminal uses Microsoft IE. Since the mobile terminals use Microsoft IE, it should be possible to attack the mobile terminal using one of the known IE software vulnerabilities.
Nihilistic security
Nihilism asserts that objective morality does not exist: therefore – there is no objective moral value with which to uphold a rule or to logically prefer one action over another. The wave of the liberal left which swept Western Europe and is now growing in the US as the Obama administration takes office, asserts that there […]
IDF penetrated Hamas secure network
Both the Israeli IT online paper – “Daily Maily” and the Palestinian news agency, Middle East Newsline have reported that the IDF has cracked an encrypted communications network supplied by the Taiwanese vendor Senao used by Hamas in Gaza with (and I quote) “two way encrypted multi-channel radios, with a range up to 50km”. […]
Houston, we have a problem
Are you like the rest of the lemmings? Most companies we know don’t have the faintest idea of what’s going on inside the corporate network. Once the company management discovers that almost all their employees cc company documents to their gmail accounts so they can access the data at home – it becomes […]