Posts tagged: security vision

Cyber Risk being disclosed in SEC filings

A June 8 Bloomberg Businessweek article noted that publicly traded companies have started including the “material risk” of computer attacks in their SEC filings.  It’s interesting to see the admission of some major companies that the threat of targeted attacks can impact the bottom line. In what will undoubtedly become the trend in risk reporting [...]

New CyberSecurity Coordinator points to private sector solutions

Once again I find myself liking White House Cybersecurity Coordinator Howard Schmidt’s approach even if I think his position is weakened based on placement, authority, etc. In a Bill Brenner article today on CSOonline, Schmidt points to the defense against the wide range of threats, including coordinated attacks, to be best led from the private [...]

Be an Agile Defender

Anti-virus software is based on signatures of known viruses.  It’s a reactive product by nature and it should be known by now that these products are ineffective against new viruses and new variants.    That said, why test AV products against attacks they haven’t seen and then make a stink about it in a ComputerWorld article?  [...]

The Cyber Maginot Line

Between 1930 and 1940, France built a massive system  of defenses known as the Maginot Line.  Designed to stop a German invasion, history illustrates its failure.  The 1940 German invasion of France skirted the defensive Maginot Line as they swiftly penetrated through the Ardennes by way of Belgium.  I’m not a historian and there are [...]

2010 Information Security Predictions

I may as well get on the 2010 prediction bandwagon. 1.  With the rush to get into the “cloud” businesses will sacrifice security for the promise of efficiencies.  Attacks will be focused on the applications placed in the cloud, not necessarily the underlying OS infrastructure.  I predict there will be a large compromise of information [...]

Baby Steps – Information Security Process Improvement

Organizations can quickly become overwhelmed when trying to implement a comprehensive information security program.  There are many barriers.  Cost.  Time.  Competency.   As I’ve posted before, security is an ongoing process and needs to be in order to deal with the changing business environment and evolving threat landscape.  Instead of implementing the very best (and most [...]

Evolving the Security Message

Richard Power wrote an article for CSO Online entitled  “Red Pill?  Blue Pill?  Ruminations on the Intersection of Inner Space and Cyber Space”.  It ties into the psychology of information security and how the shifting attitudes regarding privacy and security require a different approach to information security.   Power writes: There is a generational shift in [...]

Security Scotomas

Is it a young lady or an old woman? Is it both? The potential for information security to enable business often gets lost on our own scotomas. We get so locked into our world of information protection that we fail to see alternatives and opportunities. The inability to see more than one option is the [...]

Monday September 28th, 2009 | 3 Comments