post

2013 Global Reputational Risk and IT Study

Posted on March 29, 2013 · Leave a Comment
2013 Reputational Risk Infographic FINAL

Check out the video interview with Jack Danahy on the 2013 Global Reputational Risk and IT Study and please leaving your ratings and feedback on the video landing page. https://ibm.biz/Bdxb3k

Filed Under: Uncategorized ·
post

The Fire Code and Shared Passwords

Posted on February 27, 2013 · Leave a Comment
key pad lock

Here’s a case where a shared password is used to protect businesses all over town, and yet it seems to work. Why?

Filed Under: Uncategorized · Tagged:
post

Audit, Surveillance, and Customer Service

Posted on December 12, 2012 · 1 Comment
brown pants

How a pair of missing pants taught me about audit, surveillance, and customer service and the implications for technology controls.

Filed Under: Uncategorized · Tagged: , ,
post

IBM Tech Trends Report for 2012

Posted on December 6, 2012 · Leave a Comment
2012 IBM Tech Trends Report

The 2012 IBM Tech Trends Report on skills gaps in business analytics, cloud computing, mobile technology, and social business and security’s role.

Filed Under: Uncategorized · Tagged:
post

Skype Account Hijack Attack: Lessons Learned

Posted on November 14, 2012 · Leave a Comment
relying on the guys in the white hats to prevent attacks like the Skype account hijack attack

What kinds of security controls could have prevented the Skype account hijack attack? Can we do anything except rely on white hat penetration testing?

Filed Under: Uncategorized · Tagged: ,
post

Legitimate Security Through Obscurity

Posted on November 7, 2012 · 2 Comments
Security Through Obscurity?

There are times when “security through obscurity” is a perfectly legitimate security control tactic, especially against opportunistic attackers.

Filed Under: Uncategorized · Tagged:
post

Payment Card Fraud and a Checking Account DMZ

Posted on October 31, 2012 · Leave a Comment
payment card fraud dmz

Could the IT DMZ be used as a model for controlling payment card fraud and help protect against skimming attacks like those at Barnes and Noble?

Filed Under: Uncategorized · Tagged: , ,
post

Social Engineering Attack Demographics

Posted on October 24, 2012 · Leave a Comment
social engineering attack vector - the phone

Our common stereotypes of social engineering attacks don’t match up to the latest data in the Verizon 2012 Data Breach Investigations Report.

Filed Under: Uncategorized · Tagged:
post

Vulnerability Disclosures and the Hype Curve

Posted on October 19, 2012 · Leave a Comment
Print

Can the rate of vulnerability disclosures of a platform predict its position on the Hype Curve?

Filed Under: Uncategorized · Tagged: ,
post

Protecting The Password File

Posted on October 10, 2012 · 1 Comment
protecting the password file

RSA announces a new offering to protect password credentials. But is protecting the password file really that difficult?

Filed Under: Uncategorized · Tagged: ,
«Older Posts