Why software patents are a bad idea
In Bilski and software patents, Rob Tiller (vice president and assistant general counsel for Red Hat) attempts to make a case against software patents by claiming that they are abstract and therefore not patentable: In view of this serious problem, Red Hat submits that the Interim Guidance should be revised to recognize that software patents will ordinarily […]
Brainwashed by propaganda?
I decided to update this post – after the security theater of the week with the Palestinians and Israelis – as if Israel really needs the Palestinians to recognize Israel as a Jewish State and as if not building a few houses is going to give the Palestinian leaders a reason to stop terror and […]
Health insurer data breaches
switched.com is having trouble understanding the attack vector of a data breach. They apparently believe that software vulnerabilities can be mitigated by consumers “actively protecting their information”. Hackers recently attacked WellPoint, a health insurer which reportedly covers 34 million people. As a result of the breach, the company notified 470,000 individual customers that confidential information, […]
Operational risk management – what we really need
Operational risk management has been the buzz word du-jour in recent years, due to the Basel II initiative in the banking industry and Solvency II in the insurance industry. The Basel II definition of operational risk is “the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.” […]
Are you still using Excel for risk assessment?
There is a school of thought that says that you can take any complex problem and break it down like swiss cheese. Risk assessment data collection and analysis with Excel is one of those problems that can’t be swiss-cheesed. A collection of brittle, unwieldy, two dimensional worksheets is a really bad way of doing multi-dimensional […]
Worst executive behavior of the month award
For my Israeli readers – הדבר היחיד שיותר גרוע מלהיות לא רציני זה לצאת פרייר. I’m collecting data for a couple of articles on data security in social networks and ad-hoc mobile networks so I’ve been a little slow on blogging lately – so I’m down to general management and risk management stuff. I think […]
Return on security investment
The Control Policy Group is presenting a series of 6 free online workshops starting Sep 3, 2009 at 15:00GMT. The first workshop, “Using data security metrics and a value-based approach”, will teach measurement of how well security tools reduce Value at Risk in dollars (or in Euro) and how well they will do 3 years […]
The role of DLP in IP protection
A common conversation I have with my technology clients touches on patent protection as a security countermeasure against abuse of intellectual property. The short answer is that if you’re not DuPont or Roche, then patent protection is not going to help you very much. If you develop software , you are probably infringing someone’s patents […]
Reducing risk of major data loss events
Martin Hellman (of Diffie Hellman) fame maintains the Nuclear Risk web site and has written a very insightful piece on risk analysis of nuclear war entitled Soaring, cryptography and nuclear weapons Hellman proposes that we need a third state scenario (instead current state – > nuclear war) where the risk of nuclear holocaust has been […]
Exploiting a wireless mesh network for utilities
I think it’s only a matter of time before someone exploits a wireless mesh network that controls and reads home utility meters to get free water and electricity. Until then, there is a problem of range and coverage. Greentech media reports that Trilliant ( a smart meter neighborhood networking startup) has bought SkyPilot for it’s […]
