Data loss trends
There is a slight uptick in demand for our services, which I’ve put down to more aggressive marketing on our part. However – industry analysts have some interesting takes on which companies invest in data loss prevention. Not surprisingly – regulated industries (telecom, finance) buy DLP, unregulated (retail/manufacturing) and small-medium sized business don’t buy DLP. […]
A great year for data thieves
The Verizon Business Report on data breaches 2009 was released – the data breach investigations report headlines with 285 million data records breached in 2008: 91% of attackers were organized crime 74% of attacks by malicious outsiders 67% of vulnerabilities due to system defects 32% implicated business partners The report must be particularly disturbing to […]
Creativity beats cheap outsourcing
Most Israeli high-tech workers (and most have not been fired) have enough disposable income, a reasonably interesting job and a fairly clueless boss that is even more interested than them in personal job security. Salaries and costs (with all the perks) of an engineer in Israel are as high as in the US. Creativity not […]
Security metrics anti-design patterns
I’ve been thinking recently about how most of our clients don’t collect security metrics. Then I got thinking about how there are anti-design patterns that typify firms with a higher level of vulnerability to a major data loss event. Running security is not different from running a business – you have assets and threats, vulnerabilities […]
German homeland security
I am on an email distribution list from the Israeli Export Institute for Israeli software and security companies. The Export Institute is organizing an event for Protecting Critical Infrastructure – the event is slated to take place Brandenburg, in Berlin-Schönefeld, 18 – 20 May 2009. I liked the use of standard security market-speak to describe the opportunity […]
A buyer’s guide to network DLP
My friend David Etue, who is VP Product Management over at Fidelis Security Systems has been writing a work in progress over the past couple years called A buyer’s guide to network DLP As David writes – Network data leakage prevention (network DLP) is the process of stopping the unauthorized disclosure of digital assets out […]
Why do people commit crimes?
The president of a prospect was recently discussing with us whether Oracle IRM (information rights management) was a good way of preventing data loss, and a viable alternative to a DLP (data loss prevention) system. Rights management would appear at first blush to be orthogonal to data loss prevention but it’s an interesting question that […]
Reporting to a management board that doesn’t want to listen
Like the warnings on cigarette packets – whistle blowing may be hazardous to your health. HBOS chief risk officer Paul Moore blew the whistle on the bank’s risk exposure and lost his job. Last week, the UK Treasury Select committee heard allegations from Moore ( who was sacked by Sir James Crosby in 2005) – […]
Nihilistic security
Nihilism asserts that objective morality does not exist: therefore – there is no objective moral value with which to uphold a rule or to logically prefer one action over another. The wave of the liberal left which swept Western Europe and is now growing in US as the Obama administration takes office, asserts that there […]
Better physical security with more eyeballs
Big companies have lobbies and receptionists. They may have many visitors during the day not to mention messengers from FedEx, DHL, TNT, Poczta etc. A DHL courier recently visited the offices of a client to pick up a package. He walked in, picked up 5 expensive mobile computers and notebooks, put them in the pouch […]
