The Importance of International Collaboration–Even in Exercises

One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well as incidents do not tend to stop at a country’s border. Now, planning for such a…

1

Notebook searches at a country border

I guess you still know the discussions a while ago where it was made public that notebooks can be searched without suspicion when you cross the border to the US. Actually the truth is, that this can happen everywhere as far as I understand. To be clear: I am not a lawyer, I am an…

2

Should the Government be able to enforce security updates?

This is actually an interesting question. A lot of governments enforce rules and regulations on how you have to run your car, how often you have to check it, in which condition you have to keep your tires etc. The same is true for a lot of other devices we are using. Now, it seems…

1

Open Source and Hackers

The debate is probably as old as the Open Source software development model: Which one is more secure: Open Source or shared source as we at Microsoft run it? I know that we could now enter a religious debate about that, which I do not want to as I do not really believe in the…

1

We Need Solid and Strong Transparent Processes for the Cloud

This morning I was reading an article called Google seeks to assure customers on cloud security practices on ComputerWeekly. I had to read this – obviously . It references a paper written by the Google Security Officer called Security Whitepaper: Google Apps Messaging and Collaboration Products. So, I read through it and to me it…

1

How to Align Work Live and Private Live

It is often talked about the “New World of Work” or sometimes it is about bringing virtual and physical organizations together – which is often called the Hybrid organization. The Hybrid organization has different aspects: People, Technology and Buildings. We are running different pilots in different offices like Amsterdam or Zurich to learn what we…

0

A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?

I recently came across a paper called Shadows in the Cloud, which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network, an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the privilege to investigate those…

2

Banning Social Media – a good idea?

I am really against banning social media – especially with the reasoning of the work performance. To me, this is a management job, not a technology job and by banning social media to make people more productive – I doubt that this is really successful. Now, I read this article: Why Banning Social Media Often…

2

Why Today’s End-User Education Fails!

I was reading a paper recently, where I initially thought it is a joke (it looked scientifically, therefore I was not too scared). But as our research department did it, it is serious and really, really good – at least it definitely made me think. It is called So Long, And No Thanks for the…

0

Council of Europe: We need ONE Cybercrime Convention

As you saw from previous posts, I am at the Octopus Conference on Cooperation against Cybercrime at the moment. We had yesterday the Deputy Secretary General of the Council of Europe and one of her key statements was that different bodies (like the Council of Europe, UN etc.) should not compete. The Budapest convention by…

0