Entries Categorized as 'risk management'
by Jay Heiser | June 14, 2013 | 1 Comment
Gartner security analysts are being bombarded with questions about CYBER security. Is this cyber reality, or cyber hype? A few years ago, we had seriously entertained the idea of creating a sort of ‘IT Buzz Term Hype Cycle’, that would map overused prefixes across trigger, hype, disillusionment, and productivity. At the time, ‘I-‘ had reached [...]
Category: risk management security Tags: buzzwords, cyber, hype, Hype Cycle
by Jay Heiser | March 28, 2013 | Comments Off
We’ve riffed for years on the distinction between “Dr. No” and “Mr/Ms Yes”, but many enterprises continue to back the security professional into the awkward far corner of the Business Prevention Department. If the risk assessor is going to be blamed for security failures, then that person is always going to be motivated to make [...]
Category: Cloud IT Governance risk management security Tags: risk assessment, risk management
by Jay Heiser | March 20, 2013 | 1 Comment
It would be the rare soul indeed, who, after spending hours or even days cleaning up from a hack, didn’t feel the strong red rage of revengeful urges. And how many PC owners or site managers, still recovering lost data, time, and pride, if presented an opportunity to strike back at their attacker, to make [...]
Category: Policy risk management security Tags: hack back, hackback, hacking, law, retaliation
by Jay Heiser | February 27, 2013 | 2 Comments
“We have decided to do this new thing. We think it has risks. What should we do to make sure that it doesn’t have any risks? This new thing that we’ve decided to do. Without knowing what the risks are, or whether the best practices for risk mitigation have matured.” Exactly
Category: risk management Tags:
by Jay Heiser | February 15, 2013 | 1 Comment
As 4,200 disgruntled holiday goers, trapped on the ironically named cruise ship Triumph, finally end their 5 day ordeal, it serves as a reminder that the eggs can have more stake in the state of the basket than the basket holder does. From the point of view of the cruise line, each booked up ship [...]
Category: Cloud risk management Tags: cloud failure, cloud risk, concentration risk, portfolio risk, recovery risk, risk, risk management
by Jay Heiser | January 9, 2013 | 1 Comment
Today’s library user takes electronic catalogs for granted. Being able to remotely search the contents of a library is not only convenient, but it also allows for a tighter integration between the lending practices—you can see if a book is loaned out. During a period of several decades, a number of service firms made very [...]
Category: Applications risk management Tags: annotations, metadata
by Jay Heiser | January 4, 2013 | 1 Comment
We’ve recently moved house, and my collection of books, many of them heavily marked up with multi-colored highlights, Post-Its, and bookmarks, remains something of a storage issue. Over the last several months, I’ve been experimenting with digital books on an iPad. There’s a lot to be said both for and against services like Amazon’s Kindle [...]
Category: Applications BCP/DR Cloud risk management Tags: contingency planning, continuity, DRM, ebooks, Kindle, PDF, rights management, standards
by Jay Heiser | November 28, 2012 | 1 Comment
Anyone with a stake in the overall success of cloud computing should take a few minutes to read the recent NYT interview with Peter G. Neumann, a highly-respected computer security researcher who, now entering his 9th decade, continues to do groundbreaking work on digital reliability. Commercial cloud computing creates new levels of urgency for [...]
Category: BCP/DR Cloud risk management security Tags: complexity, Peter G. Neumann, security, security history
by Jay Heiser | November 2, 2012 | 2 Comments
Our home telephone is totally dependent upon the electrical power grid, and a lead acid battery of unknown age is all that stands between us and total loss of external connectivity. Fiber to the home, which we’ve now had in 2 different houses, represents an opportunity for high speed, flexibility, and economics, providing a single [...]
Category: BCP/DR risk management Tags: cell phones, Hurricane Sandy, power failure, redundancy, Sandy
by Jay Heiser | October 30, 2012 | 1 Comment
Preparing for Sandy’s imminent arrival, I didn’t fill up any bathtubs with water, but I did charge up all the phones, tablets, and MiFis in the house. Frankenstorm didn’t end up having a huge impact on my part of the country, and we never suffered a prolonged power outage. My son, holed up in his [...]
Category: BCP/DR Cloud risk management Tags: contingency planning, electricity, Hurricane Sandy, power, redundancy, weather