Risks exist. You would think that this is so obvious as to not need saying, but too many people appear to operate as though downplaying or ignoring risks have any impact on their reality. That sign announcing “bridge out” isn’t really concerned with how much you...
We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and the trend does not appear to be slowing down. Here are just a few of the biggest reports for the year:...
Security is not just a state of being. We are often called to provide an assessment about our present security posture, and usually, the person asking the question is doing so within a very narrow context – one that the may or may not have shared with you. Answering...
I had a chance to review the 2010 Verizon Data Breach Report today, which I was alerted to by ISC.SANS.ORG. They’ve put together data from 2004 through 2009, and it is quite interesting. These are from confirmed data breach cases. Here were 3 of the scariest stats in...
One of the hardest concepts to emphasize concerning Information Security is that people and processes are more critical to your overall security posture than products are. That is not to say that products are unimportant. Certainly, any deficiency in one of the...
