PCI Compliance is not Computer Security

PCI compliance covers the basic settings for computer security, but it will not ensure that your corporation is secure. For that to happen you must have personnel who implement security policies correctly, and security must be ingrained in all employees, as the weakest link is in our employees' actions day after day. It is difficult …

Why Risk Management Model Failed Us

Why has Risk Management failed us? Every place you see "Accept risks", replace it with "Hacked computers". JP Morgan proved this concept: even with a seemingly unlimited security and IT budget, some mistakes creep into the organization. 76 million accounts were affected. Every box with "monitor and manage risks", replace with Computer hacked from the internal …

Security People are Scaremongers

Here is yet another article pleading with you to do something: http://www.darkreading.com/risk/6-ways-the-sony-hack-changes-everything-/a/d-id/1319415 The article paints a dark picture. The Sony hack was unique in that the hackers actually deleted files and left employees unable to work at the office for a little while, although nothing appreciable happened to the Sony stock price. What …

NGFW-Tech Half Battle In Orgs

I agree with the Governance people at ITgovernance: http://www.itgovernanceusa.com/blog/technological-cybersecurity-solutions-address-only-half-the-threats/ Technology only addresses some of the potential cybersecurity hurdles that a company may have. The poster child of massive data breaches (Sony) was due to an internal breakdown; that, plus previous documented failures, shows a lack of concern for IT Governance. In my mind I have …