What Your Employees Know About Your Business

What your employees know about your business might keep you up at night if you really thought about it.  In some cases the employee may have greater targeted knowledge or access to data than the owners, principals, executive team, or directors. What your employees know about your business may be of strategic value and provide that competitive edge.  It may be the special sauce that took the company years to develop and it may walk out the door prior... [Read More...]

There Is No Perimeter

Last week I mentioned the myth of the “network perimeter” and alluded to the futility of trying to secure it, and I wanted to expand on that theme a little more.  I frequently find myself working with IT staff that have a mentality of “us vs. them” or “inside the perimeter vs. outside the perimeter” concept of security.  I strongly believe that there needs to be a paradigm shift in thinking from the perimeter based view to one of embedding... [Read More...]

Your Network Is Less Secure Than the Internet!

I frequently have conversations with clients who struggle to understand the need for security controls on internal infrastructure, or why the mandates of certain regulations are important.  I get blank looks often phrases like “but it’s behind our firewall” or “that’s not reachable from the Internet”. There is a pervasive, and fallacious, belief that the Internet is some sort of wild middle-ages like kingdom full of marauding Huns and... [Read More...]

Social Engineering Exploits Delivered Via Telephone

Most individuals who use a computer have received erroneous emails claiming they have won some prize, need to verify online banking credentials, are being contacted to accept funds from some far away estate that has no rightful owner, or some other elaborate story.  The list goes on.   The email based scams are referred to as phishing attacks.  These attacks are carried out by criminals who are looking to farm sensitive information from unsuspecting... [Read More...]

Government Reports Computer Spies Breach Fighter Jet Project

According to the Wall Street Journal’s  Siobhan Gorman, August Cole, and Yochi Dreazen,  computer spies have broken into the Pentagon’s $300 billion Joint Strike Fighter project.   This is the  Defense Department’s costliest weapons program ever, how can this be?  Tell me its not true. Was 9/11 not enough of a wake up call?  The events of that day cast doubt on the US government’s ability to protect its people.   Now... [Read More...]

Cybersecurity Rules for Private Networks Proposed

According the the Washington Post and reporters Joby Warrick and Walter Pincus “Senate Legislation Would Federalize Cybersecurity, April 1, 2009″ there is a new Senate Bill which proposes mandatory security standards for private industry.  The legislation, co-sponsored by Senate Commerce Committee Chairman John D. Rockefeller IV (D-W.Va.) and Sen. Olympia J. Snowe (R-Maine), was drafted with White House input. It is my opinion that this is nothing... [Read More...]

Is Your Critical Business Information Safe?

Recent news indicates that two large payment processors have become the victims of electronic compromise. According to RBS WorldPay in a press release the company states “Certain personal information of approximately 1.5 million cardholders and other individuals may have been affected and, of this group, Social Security numbers of 1.1 million people may have been accessed”. Heartland in a statement to the public indicated that it contacted more... [Read More...]

Why is organizational spend ineffective at reducing information security risk?

In this InformationWeek article, Mike Fratto discusses some reasons why even though 95% of IT security groups see their budgets either hold steady or increase this year, over 65% of them say that their organizations are at greater risk. Mike asks “Since when is `no worse than before’ an acceptable return on investment?” This is a message that Information Defense Corporation has been carrying to our clients for some time. Our collective experience... [Read More...]

« Previous Page