• Jul 07
    2016
    I see four big business challenges in moving to the cloud: 1. Selecting a Vendor. There are lots of cloud providers, and each offers its own unique blend of services, stability, and commitment. Whatever vendor you choose, you’re going to have a partnership with them that is likely to be more intimate than almost any other vendor relationship you’ve had. You need to find a vendor whose service complements your ...
  • Jun 22
    2016
    The 2016 Cost of Data Breach Study: Global Analysis has been released, and you can download it here (registration required). Sponsored by IBM and performed by the Ponemon Institute, this year’s study is a real eye-opener. The report classifies data breach costs into four categories: 1. Detection and Escalation Costs forensic and investigative activities assessment and audit services crisis team management communications to executive management and board of directors 2. ...
  • Jun 17
    2016
    A recent blog posting at the InfoSecurity website suggests that instead of moaning about how employees are the weakest link in your security chain, you take steps to make them the strongest. “Persuading Employees They Are Your Organization’s First Line of Defense” by Chris Barrington describes the strategic approaches for getting the security message across. Barrington offers eight different considerations for your messaging. I won’t describe them all here because ...
  • Jun 07
    2016
    We have reached the point that businesses are paying attention to cybersecurity, which is a good thing. All over the country, organizations are promulgating policies, conducting training programs, hiring security consultants, and buying security products. In other words, we are seeing good security management. But you have probably already heard this quotation from the late great Peter Drucker: “Management is doing things right; leadership is doing the right things.” As ...
  • Jun 01
    2016
    A friend of mine once interviewed for a job as administrative assistant to the CEO of a photoelectric sensor manufacturing firm. In a series of interviews, she met with the incumbent in the job, who was well respected by her boss and the company at large. My friend asked the incumbent for her thoughts on the contribution she made to the photoelectric manufacturing industry. The woman looked at my friend ...
  • May 25
    2016
    A new white paper from Hewlett Packard Enterprise advances a novel perspective on cybercrime. The Business of Hacking (you can download the report for free) examines cybersecurity from the standpoint of someone trying to run a criminal enterprise: "Cyber criminals look to maximize their profits and minimize risk. They have to compete on quality, customer service, price, reputation, and innovation. The suppliers specialize in their market offerings. They have software ...
  • May 18
    2016
    Last year, there were more than 25 major data breaches, including OPM, the IRS, Ashley Madison, Anthem, CVS, Walmart, and Scottrade. Business news was dominated by these events. But it occurs to me that I haven’t seen any news reports of major data breaches for past several months. This concerns me, because I know the lack of news is not the result of a lack of attacks. If anything, 2016 ...
  • May 10
    2016
    The Verizon 2016 Data Breach Investigations Report (follow the link to a page from which you can download it) is out. This year, it is based on a dataset of 64,199 incidents that resulted in 2,260 confirmed breaches. It covers more than 20 industries in 82 countries. The report points out that phishing as an attack vehicle has continued its upward trend from previous years. Email is still the favored ...