Dealing with DLP and privacy

It’s a long hot summer here in the Middle East and with 2/3 of the office out on vacation, you have some time to reflect on data security. Or on the humidity. Or on a cold beer. Maybe you are working on building a business case for DLP technology like Websense or Symantec or Verdasys, or McAfee or Fidelis in […]

Kick start your European privacy compliance

The CNIL’s Sanctions Committee issues a 150 000 € monetary penalty to GOOGLE Inc. On 3 January 2014, the CNIL’s Sanctions Committee issued a 150 000 € monetary penalty to GOOGLE Inc. upon considering that the privacy policy implemented since 1 March 2012 does not comply with the French Data Protection Act. It ordered the company […]

Is Your Small Business Safe From Cyberattacks?

Of the 855 data breaches Verizon examined in its 2012 Data Breach Investigations Study, 71 percent occurred at businesses with fewer than 100 employees. The Association of Certified Fraud Examiners finds the median small business loss due to fraud to be $200,000. These losses can be prevented with better protection and more knowledge about fraud […]

Why big data for healthcare is dangerous and wrong

The McKinsey Global Institute recently published a report entitled “Big data: The next frontier for innovation, competition, and productivity”. The McKinsey Global Institute report on big data is no more than a lengthy essay in fallacies, inflated hyperbole, faulty assumptions, lacking in evidence for its claims and ignoring the two most important stakeholders of […]

Message queuing insecurity

I met with Maryellen Ariel Evans last week. She was in Israel on vacation and we had coffee on the Bat Yam boardwalk. Maryellen is a serial entrepreneur; her latest venture is a security product for IBM WebSphere MQ Series. She’s passionate about message queue security and I confess to buying into the vision. She […]

Securing Web servers with SSL

I’ve recently been writing about why Microsoft Windows and the Microsoft monoculture in general is a bad idea for medical device vendors – see my essays on Windows vulnerabilities and medical devices here, here and here. It is now time to slaughter one more sacred cow: SSL. One of the most prevalent misconceptions with vendors in […]

Small business data security

Here are 7 steps to protecting your small business’s data and intellectual property in 2011 in the era of the Obama Presidency and rising government regulation. Some of these steps are about not drinking consultant Kool-Aid (like Step #1: Do not be tempted into an expensive business process mapping project) and others are adopting best practices […]

Do you have a business need for DLP?

“To be able to do something before it exists, sense before it becomes active, and see before it sprouts.” The Book of Balance and Harmony (Chung-ho chi), a medieval Taoist book. Will security vendors, large to small (Symantec, McAfee, nexTier, ANBsys and others) succeed in restoring balance and harmony to their customers by relabeling their product suites as unified content […]

Business unit strategy for data security

At a recent seminar on information security management, I heard that FUD (fear, uncertainty and doubt) is dead, that ROI is dead and that the insurance model is dead. Information security needs to give business value. Hmm. This sounds like a terrific idea, but the lecturer was unable to provide a concrete example similar to […]

How can we convince our VP that a network-based DLP makes sense?

My colleague, Michel Godet, sent me a link to an article that Mike Rothman recently wrote. Michel (rightly) thinks that it supports the approach that we have been pushing in Europe for over a year now, to justify data security technology investments by using Value at Risk calculations. Mike’s article – building a business […]