Well, yes we need Cybersecurity Legislation without doubt but sometimes the legislator goes too far in my opinion. I read this article this morning: Use Google Street View Maps & Serve More Time. I quote: The state legislature in the U.S. state of Louisiana has passed a law adding extra time for committing a crime . . . → Read More: Do we Need Special Laws?
|
||||||
Consumerization of IT–How to address thisBring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us, that it is not part of their strategy; some tell us that they plan to do it but that they have a hard time figuring out, how to secure such an environment; very, very ... 
10 Years of Trustworthy Computing at MicrosoftBefore joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ... 
10 Reasons to migrate off Windows XPI would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ... 
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and SecurityA long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ... 
I recently came across a paper called Shadows in the Cloud, which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network, an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the privilege to investigate those . . . → Read More: A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?  One comment  Associations, Crime, Critical Infrastructure Protection, Cybercrime, Government, Incidents, Industry, Law Enforcement, Legislation, People, Policy, Process, Security, Technology, Terrorism, Trends  Cloud, Collaboration, Crime, Cybercrime, Government, Hacking, Incident Sharing, International, Law Enforcement, Legislation, Policies I blogged on Day 1 and Day 2 but as I expected, I was unable to blog yesterday on the conference. However, let me just briefly give you my impression of the final day: The core part of this last day was a whole block on Cloud Computing. There were different presentations on the subject . . . → Read More: Council of Europe – Octopus Conference (Cooperation against Cybercrime) – Key Messages When I talk to customers, the different attacks are often something we discuss (obviously). I often mention that Virus and Worm attacks on a broad scale (like Conficker etc.) are a serious problem but at least one we see, one we understand and one we can fight (because we see and understand it). However, . . . → Read More: Targeted Attacks -the "Real" Problem I often see a lot of discussions on Information Warfare. Today I just stumbled across a paper published by RAND called Strategic Information Warfare – A New Face of War – from my first impression definitely worth reading Roger There is definitely proof that during war times, armies add a virtual component to the “real life” war. Additionally we have seen the attacks to Estonia, where nobody really knew where they originated from (I do not mean the country but whether a government was behind them of just a group of hackers). Now, we . . . → Read More: After Estonia now Kyrgyzstan One of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be “isolated” technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism events in Mumbai, there was some pretty interesting background on it: In order . . . → Read More: Technology in the Mumbai Attacks Following the attacks on Estonia, they published a pretty interesting paper called Cyber Security Strategy by the Ministry of Defense in Estonia. One thing which I see again and again is that most of the people looking into such strategies conclude that strong collaboration is needed between the different players as well as across country . . . → Read More: Estonia’s Cyber Security Strategy As you all know, most jurisdictions allow individuals to ask for data collected by an organization (being it a company or a governmental organization). A lot of countries have Data Protection Commissioners that look into what companies and more often governments do with regards to PII (Personal Identifiable Information). After 9/11 the United States forced . . . → Read More: How to circumvent Privacy Laws We all know that crime is global and that they are doing their best to leverage the legal shortcomings and the limitations of the cooperation between Law Enforcement agencies. There is a good article about one case in the New York Times which is definitely worth reading: Global Trail of an Online Crime Ring . . . → Read More: The Global Network of Crime |
|
|||||
|
Copyright © 2012 Roger Halbheer on Security - All Rights Reserved Powered by WordPress & Atahualpa |
||||||
