Is cyber security and mobile device management important in the healthcare industry?

Is cyber security and mobile device management important in the healthcare industry? Healthcare and technology go hand in glove more than almost any other sector in today’s business world. This statement is true today and will remain so into the future. Patient records form just one element of the vast mountain of data that is stored and […]

The Megaupload bust

My daughter was distressed yesterday after the Feds shut down the Megaupload file sharing site – “How am I going to see all those series and Korean movies I love? It’s not fair!” The FBI have been after Mr Dotcom for 8 years. His big problem was not the file sharing but his other criminal activities. […]

The valley of death between IT and information security

IT is about executing predictable business processes. Security is about reducing the impact of unpredictable attacks to your organization. In order to bridge the chasm – IT and security need to adopt a common goal and a common language – a language of customer-centric threat modelling. Typically, when a company (business unit, department or […]

Message queuing insecurity

I met with Maryellen Ariel Evans last week. She was in Israel on vacation and we had coffee on the Bat Yam boardwalk. Maryellen is a serial entrepreneur; her latest venture is a security product for IBM Websphere MQ Series. She’s passionate about message queue security and I confess to buying into the vision. She […]

A strategy for combating cyber terror

Instead of getting some real work done this morning, I started collating some thoughts on cyber security strategy. I guess it’s a lot easier to think about strategies than to fix buggy, risky code. For most people – there are two worlds, the cyberspace world and the physical, people-populated world. This dichotomy of two separate spaces […]

Offensive security

I have written several times in the past here, here and here about the notion of taking cyber security on the offensive. James Anderson, president of Professional Assurance LLC, says that there is no evidence that governments can protect large firms from cyber attacks. “National security authorities may not even acknowledge that their interests align […]

Why your IT vendor doesn’t want you to do a risk analysis

Did you ever have a feeling that your IT integrator was treating you like a couple of guys selling you a Persian rug? “Take it now – it’s so beautiful, just perfect for your living room, a steal for only $10,000 and it’s on sale” and when you ask if it will last, they tell […]

Cyber crime costs over $1 trillion

A pitch from Alex Whitson from SC TV for a Webinar on the LinkedIn Information Security Community piqued my attention with the following teaser: As you may have read recently, Cybercrime is now costing the UK $43.5 billion and around $1 trillion globally. Sponsored by security and compliance auditing vendor nCircle, the Webinar pitch didn’t cite any sources for the […]

Obama cyberspace policy review

Last week, I got an email from the Internet Security Alliance (a trade association of companies like Raytheon and Northrop Grumman that lobbies the government on cyber-security issues) with Melissa Hathaway’s speech to the RSA Security conference. Besides all the touchy-feely stuff – I didn’t understand anything she is saying (and I’m a native English speaker..). […]

Social contracts for cyber security

An information security industry trade association (the ISAlliance – Internet Security Alliance) has been promoting the notion of a social contract between government and the private sector to improve cybersecurity. The ISAlliance includes representatives from Verizon, the National Association of Manufacturers, Nortel, the CyLab at Carnegie Mellon University, Raytheon, and Northrop Grumman. According to the […]