We are Hacked – Firewall Useless – Now What?

by

Why did we get hacked?  Is a common refrain after a breach. Thousands of businesses got hacked last year (and this year) as in my previous post: http://oversitesentry.com/analyzing-data-breaches-can-we-tolerate-status-quo/ We believe in our technologies, in automation in firewalls There are many aspects of potential weakness – and all weaknesses will be taken advantage of. The only way … Read more

Its not that we don’t care about Security

by

Does this sound familiar? My company does what it can with security and is compliant, we have no breaches so far.   The problem is that the security team knows we can get breached, in fact we likely already have. But fortunately nothing has been overtly accomplished (as far as we can tell) by the … Read more

Digital Anything is at Risk – Fingerprints & more

by

Office Personnel Managment hack now suspected also of stealing fingerprint data. http://www.nationaljournal.com/tech/2015/07/14/How-Much-Damage-Can-OPM-Hackers-Do-With-Million-Fingerprints   What can be done with a stolen fingerprint?  Is it really only a foreign government coup?  Can the Chinese government splinter groups use this information for other nefarious reasons? { Part of the worry, cy­ber­se­cur­ity ex­perts say, is that fin­ger­prints are part of … Read more

Security Triangle+ People Process Technology+

by

As other blog posts have mentioned  in the past: Schneier: https://www.schneier.com/blog/archives/2013/01/people_process.html http://www.computerweekly.com/blogs/david_lacey/2013/01/we_need_more_use_of_security_t.html Here is the “Security Triangle” People, Process, and Technology. Image from: http://www.business2community.com/online-communities/social-intranets-merging-people-process-and-technology-0126252   Even though the image above is for social media, I like it because it shows the number of items in People that must be behind your new security push. “Security People” … Read more