How to manage “Bring your own device”

A few years back a customer’s CSO left the room when I said that this customer should start thinking about a scenario, where selected users bring their own devices – he called me “nuts”. Well, I think the smartphone area proofed me right. Basically the smartphones were the first Bring Your Own Device (BYOD) as…

0

Security of Car Software

We have seen some of the attacks recently, where people started to attack either the locks or the technology/software in the car itself controlling the chassis etc. On DarkReading I was just reading this article: Car Systems Reminiscent of Early PCs One of the things I do not get with cars is the way they…

2

Cyber Security: The Road Ahead

This paper by the Geneva Centre for the Democratic Control of Armed Forces (DCAF) was just brought to my attention. A piece of work, which is definitely worth working through. It lays out the problem space and then does a deep dive into the different sections: Governments Legislative Bodies The Armed Forces Law Enforcement Judges…

2

Six predictions for CIOs

An interesting article by ISACA: Six predictions for CIOs. Here they are: Prediction 1: Cloud computing is here to stay and will become business as usual. Prediction 2: Virtualization will be a catalyst that drives IT modernization. Prediction 3: IT operations become service-centric and business value-focused, rather than process-driven and reactive. Prediction 4: Risk management…

0

Fraud via Phone on the Raise

FTC released their Consumer Sentinel Network Data Book for January – December 2010. The interesting and scary thing is that fraud via phone is on the raise. We get more and more complaints by customers as well, telling us that they got a call from “Microsoft” with the ask for getting access to the PC…

1

Are You Focused On The Wrong Security Risks?

There is an good article on CIO Central: Are You Focused On The Wrong Security Risks? An interesting discussion and I part agree that we have to challenge the way we look at the security risks. I would even broaden the questions he raises. When I talk about industry trends, which impact your risk landscape…

0

Ray Ozzie’s Blog is Back

As I am still oof, another short one: Ray Ozzie’s blog is back: http://ozzie.net/ Ray is definitely one of the driving persons behind our overall vision and architecture. So, it is worth keeping him on your RSS feed. Roger

0

Is a “Zero-Trust” Model the Silver Bullet?

I was reading an interesting article: Forrester Pushes ‘Zero Trust’ Model For Security, where they mainly claim that you should not trust your internal network – something I am asking for since a long time. However, the conclusions Forrester and me are drawing are slightly different. John Kindervag – the person quoted in the article…

0

US Cybersecurity Research!

The Department of Homeland Security published a report on A Roadmap for Cybersecurity Research, I was definitely impressed! All the themes, which are important to me are in their list : Scalable trustworthy systems (including system architectures and requisite development methodology) Enterprise-level metrics (including measures of overall system trustworthiness) System evaluation life cycle (including approaches…

0

Is a Copier Your Biggest Security Risk?

Probably not. However, it indefinitely is a security risk. We are talking about this since a looooooong time as such copiers are sold since 2002. I just recently heard that the criminals are looking into this heavily and now it is even discussed publically on BCS News: Copy Machines, a Security Risk? Actually a really…

1