Exploiting a wireless mesh network for utilities

I think it’s only a matter of time before someone exploits a wireless mesh network that controls and reads home utility meters to get free water and electricity. Until then, there is a problem of range and coverage. Greentech Media reports that Trilliant (a smart meter neighborhood networking startup) has bought SkyPilot for its […]

US Military firms recruiting hacker soldiers

It seems that the GFC is creating a movement of migratory hi-tech workers from Silicon Valley to the Beltway. I’m not sure that an unemployed IT security analyst turned hacker is the best choice for a defense contractor – the really good guys and gals are always in demand – and those DC summers are […]

A great year for data thieves

The Verizon Business Report on data breaches 2009 was released – the data breach investigations report headlines with 285 million data records breached in 2008: 91% of attackers were organized crime; 74% of attacks by malicious outsiders; 67% of vulnerabilities due to system defects; 32% implicated business partners. The report must be particularly disturbing to […]

Speed is everything

“Jeżeli wydaje ci się, że wszystko jest pod kontrolą, to na pewno nie jedziesz wystarczająco szybko.” “If you think everything is under control, it certainly is not going fast enough.” – Mario Andretti, Formula 1 Driver. I saw this quote today and I was reminded of a takeaway from Andy Grove’s book – “Only the paranoid succeed”. […]

Houston, we have a problem

Are you like the rest of the lemmings? Most companies we know don’t have the faintest idea of what’s going on inside the corporate network. Once the company management discovers that almost all their employees cc company documents to their Gmail accounts so they can access the data at home – it becomes […]

Would you buy a used car from this company?

Would you buy a security product from a vendor who couldn’t write English properly, didn’t understand fundamentals of data security and pushed the envelope on claims for product functionality? A prospect recently told us that he was using Lumension end point security software – we’re trying to upsell him to a data security solution that […]

Are you on your firewall, while your employees are on Gmail?

Pop question No. 1: What percent of your employees send sensitive company documents to their Gmail accounts? Pop question No. 2: When you lay off 15 percent of your workforce, should you fire the information security manager a) first, b) last, or c) give her an incentive to help ensure that a data breach of […]

Agency Accidentally Posts Social Security Numbers Online

I think the expression is – “the road to hell is paved with good intentions”. I got wind of this data breach event from the IS Alliance. As reported by WFTV Orlando – Social security numbers for 250,000 people were posted online by mistake, and a state agency is facing serious questions about why it […]

The death of risk assessment

We saw the movie “Blood Diamonds” last night; the way some companies practice IT risk management reminds me of TIA – “This is Africa”. Joseph Granneman talks about some of the problems with conventional IT risk assessment on Searchsecurity.com: Risk assessment, as currently practiced in information security, is dead. I’m not saying we need to […]