Wednesday, December 17, 2008

The security double whammy

A lot of the recent news is about how the recession will cause increases in cyber threats. Combining that with reduced investment in security, and you have a true double whammy. And some want to add icing to the cake by suggesting that employees will also become more tempted to steal data..

Nice - a triple whammy!

Organizations should be cognizant of the tradeoffs they are making from a risk management perspective. Even if one cannot get everything complete, use the old 80/20 rule to ensure the high priority and projects that will reduce the most risk get implemented. No use being penny wise and pound foolish...

Thursday, December 11, 2008

Crime and the economy

Seems like the prevailing wisdom is that when the economy is in tatters, crime rears up - a negative correlation, if you will. Apparently this is even more true for cybercrime - easier to make a few bucks when folks are scared about their savings, looking for bargains and the always popular, "too-good-to-be-true".

And criminal syndicates are taking advantage of this by providing "help" in ensuring their bank accounts are not in danger, new job opportunities targeting those who might have lost their jobs etc. Just read more of this from

Larger organizations are also not immune from this - what comes in as malware in only part of the threat and unfortunately seems to be the major focus. And folks are still pushing perimeter security and anti-malware as the main protection against this. I think we should be looking beyond - more defense in depth and more protection focused on the data itself.

Monday, December 8, 2008

New Cybersecurity post recommended

I think this is a long time coming - the idea of a more concerted effort and responsibility to fight all kinds of cybercrime. Be it commercial or against government classified data.

Global cyberspace is fragile and it will take a concerted effort to get the message out about the dangers and the grave responsibility that each organization trusted with information holds. The appointment of a national post in the new administration is welcome! I hope it happens and happens fast!