Security

Mon, February 28, 2011 - Many have questioned more than once the value of COAC, especially about its memberships self-interests. But now there is serious question about its role in the security of this nation's borders and ports. COAC's obvious weaknesses are two: first, its latest charter; and second, the self-interest of COAC's non-government membership that places protecting and promoting company and industry values over the greater security of U.S. trade infrastructure essential to our nation's economic base. It has value to the Department of Homeland Security that needs to claim it understands both trade and security for the political agenda of the Administration.

Fri, February 25, 2011 - I was on the road last week, attending the RSA security conference in San Francisco, which is a great place to run into colleagues. Afterwards, I visited Disneyland, which, despite being in the same state, is surprisingly far away. What do these places have in common? Security.

Tue, February 22, 2011 - What defines IT marketing? It's the business activity of presenting IT products, services, and capabilities to constituents in a way that makes them eager to fund and utilize. While many security groups focus their communication activities on end user activity awareness, they have stopped short of planning for the fundamental activity of presenting their products, services, and capabilities to their key stakeholders. There are many reasons given for missing this critical step, such as attitudes of security professionals, lack of business acumen to develop effective marketing and communications strategies, and the ever present too-much-work reason. But as security decision-makers report higher into the organization and take on more responsibility, it will be more essential than ever to have an effective marketing and advocacy plan in place.

Mon, February 14, 2011 - Smartphone users download billions of applications each year, and while the apps add greatly to phone functionality, the risks of buggy or malicious code threatens the user and also the integrity of networks.

Wed, February 09, 2011 - The PCI Security Standards Council has announced that the nomination period for election to the 2011-2013 PCI SSC Board of Advisors is now open.

Mon, February 07, 2011 - I was at the airport, standing in line, when I struck up a conversation with a traveler about his iPhone. He discussed its features with me and its ability to harness the internet anytime and anywhere. He indicated that the phone's simple, elegant, and intuitive interface is a joy.

Mon, February 07, 2011 - Worried about lousy cloud security? There's plenty of lousy security in other areas as well.

Mon, January 31, 2011 - Imagine sitting down at a public PC, surfing the Web, visiting Facebook, checking your online bank account and buying something on Amazon.com -- all without entering passwords or credit card information.

Mon, January 24, 2011 - Information is the lifeblood of business. Valuable corporate data is available to employees, business partners and contractors. It is accessed locally, in the cloud and virtual environments, providing instant access to non-public sensitive information. Making matters worse, employees typically do not ask permission to load third-party software or applications on their laptops and mobile phones -- devices that are connected to their companies' networks and data stores.

Mon, January 10, 2011 - T.J. Hooper was a precedent setting tort case in 1932. While I'm not a lawyer, I have a good friend, Ron Coleman, Esq., who blogs about law issues, so a bit of jurisprudence has rubbed off on me. In Hooper, Judge Learned Hand described what is now called the calculus of negligence or the Hand Test.