Microsoft and Adobe: Collaboration Against Threats

You know my opinion on collaboration between countries, on public-private-partnerships as well as on collaboration between companies. Since quite a while we run a program called MAPP – the Microsoft Active Protections Program, where we share vulnerability information with security vendors to help them to get signatures out to our joint customers the moment we…

The Importance of International Collaboration–Even in Exercises

One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well as incidents do not tend to stop at a country’s border. Now, planning for such a…

Microsoft Security Intelligence Report – What it means for EMEA

“Unfortunately” I have been on vacation when we released the Security Intelligence Report last week. Nevertheless I would like to take the opportunity and look at it more from a EMEA perspective. One of the interesting data points we always publish is the Malware Infection Rate. Remember, there is a huge amount of data we…

A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?

I recently came across a paper called Shadows in the Cloud, which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network, an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the privilege to investigate those…

Legal Challenges of International Business and the Cloud

To start with: I am an engineer not a lawyer – and this might be part of the problem… When I started to think about the Cloud and security and thought about all the work I do with Law Enforcement and the challenges they face. Additionally, I started to think about the legal challenges we…