Professional skill sets
We spent the past week in Tzfat (Safed) – situated in the northern part of Israel at an elevation of 900 meters, the weather is cool and dry and a welcome relief from the humidity and heat of Tel Aviv. We met a couple at dinner one evening – the husband is a retired aerospace software […]
Facebook disclosure cancels raid on terrorists
I want to challenge the effectiveness of top-down, monolithic security frameworks (ISO 27001/PCI DSS) – I submit that rapidly changing threats – social networking, cyberstalking, social engineering and custom spyware – are threats that exploit people and system vulnerabilities but are not readily mitigated by a top-down set of security countermeasures. The recent case […]
Learning about change and changing your security
Reading through the trade press, DLP vendor marketing collateral and various forums on information security, the conventional wisdom is that the key threat to an organization is trusted insiders. This is arguable – since it depends on your organization, the size of the business and type of operation. However – this is certainly true […]
Night walking on the freeway
Ian Fleming once remarked how American road signs were so sexy – “winding curves” and “soft shoulders”. I was thinking of Ian Fleming while taking an unexpected 5K walk at night on the shoulders of a 6-lane freeway. Last night I was driving my daughter’s car on Route 6. There was a leak in the […]
DLP – a Disturbing Lack of Process?
Ted Ritter has suggested that we rename DLP a Disturbing Lack of Process. Indeed, DLP is not a well-defined term – since so many vendors (Kaspersky anti-virus, McAfee anti-virus, Symantec anti-virus, Trend Micro Provilla, CA Backup…you name it) have labeled their products “Data loss prevention” products in an attempt to turn the tide of data […]
Sharing security information
I think fragmentation of knowledge is a root cause of data breaches. It’s almost a cliche to say that the security and compliance industry has done a poor job in preventing data breaches of over 245 million personal records in the past 5 years. It is apparent that government regulation is ineffective in preventing identity […]
Swine flu and social networking
It just occurred to me – as our partner in Poland was getting ready to drive from Warsaw to Łęczyca for a sales call – that novel H1N1 (swine flu) and seasonal influenza are a great reason to use social media and Web conferencing for customer contacts, sales and support and reduce physical contact and […]
Physical security in Afghanistan
If you thought that working in high-tech is rough – just consider how tough it is to be a musician in Afghanistan. JALALABAD, Afghanistan (Reuters) – Taliban fighters beat musicians, shaved their heads and left them tied to trees overnight because they performed at an Afghan wedding, a village tribal chief said Monday, a sign […]
Nihilistic security
Nihilism asserts that objective morality does not exist: therefore – there is no objective moral value with which to uphold a rule or to logically prefer one action over another. The wave of the liberal left which swept Western Europe and is now growing in the US as the Obama administration takes office, asserts that there […]
Better physical security with more eyeballs
Big companies have lobbies and receptionists. They may have many visitors during the day not to mention messengers from FedEx, DHL, TNT, Poczta etc. A DHL courier recently visited the offices of a client to pick up a package. He walked in, picked up 5 expensive mobile computers and notebooks, put them in the pouch […]