Despite the significant uptick in information security events on display thus far in 2011, and despite the diversity and caliber of organizations that are being breached, it seems that too many organizations are failing to learn the lessons of the victims. More than...
…that is the question. Every time a software vendor experiences a vulnerability or releases patches for a serious security issue, the debate about Full Disclosure or Responsible Disclosure gains a little more steam. Just how much information should a vendor disclose...
Why should you take your organization’s information security posture seriously? Just ask Sony. It has been estimated that Sony will spend more than $170 million dollars due to the recent breaches they have suffered. Personally, I think that the...
Risks exist. You would think that this is so obvious as to not need saying, but too many people appear to operate as though downplaying or ignoring risks have any impact on their reality. That sign announcing “bridge out” isn’t really concerned with how much you...
We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and the trend does not appear to be slowing down. Here are just a few of the biggest reports for the year:...
Security is not just a state of being. We are often called to provide an assessment about our present security posture, and usually, the person asking the question is doing so within a very narrow context – one that the may or may not have shared with you. Answering...
Last time, I mentioned that inadequate planning is one of the key reasons why your new technology purchase might prove to be disappointing. This is true not only of planning that occurs once the project has been authorized and assigned an official “Project...