It’s easy to critique the recent Voltage report on breaches. (For example, “2009 started out to be a good year for hackers; in the first three months alone, there were already 132 data breaches reported.” That there were 132 breaches does not mean that hackers are having a good year; most breaches are not caused [...]
Filed under: Uncategorized by adam on Tuesday, June 30, 2009
In “Books that should be in a security manager’s library,” Jeffrey Bennett says nice things about The New School (the book) and suggests that it’s one of eight that “no professional library is complete without.” Thanks!
Filed under: Uncategorized by adam on Monday, June 29, 2009
Since Adam started it, I’ll add a link to a nice YouTube video about how to be a good skeptic (h/t BoingBoing).
Filed under: Uncategorized by Chandler on Friday, June 26, 2009
I’m cleaning out my pending link list with a couple of morbidly-thematic links. Old-but-interesting (2007 vintage) list of relative likelihoods of death compared to dying in a terrorist attack. For example… You are 1048 times more likely to die from a car accident than from a terrorist attack. You are 12 times more likely to die from [...]
Filed under: Uncategorized by Chandler on Friday, June 26, 2009
OK, so this week for Visualization Friday, I’m going to point you to just one thing: “At Last, a Scientific Approach to Infographics.” A blog post by the awesome visualization expert Stephen Few that praises “Visual Language for Designers: Principles for Creating Graphics that People Understand” by Connie Malamed. OK, I’ll also mention that I [...]
Filed under: Uncategorized by alex on Friday, June 26, 2009
Rich Mogull has a great post on “Science, Skepticism and Security”: In the security industry we never lack for theories or statistics, but very few of them are based on sound scientific principles, and often they cannot withstand scientific scrutiny. For example, the historic claim that 70% of security attacks were from the “insider threat” [...]
Filed under: Uncategorized by adam on Friday, June 26, 2009
Ross Anderson is liveblogging the 2009 Workshop on Economics of Information Security. I’m in Seattle, and thus following eagerly. It seems Bruce isn’t liveblogging this time. I know I found it challenging to be a stenographer and a participant at SHB.
Filed under: Uncategorized by adam on Wednesday, June 24, 2009
Yesterday I got to see what might have been one of the most amazing(ly bad) security dashboards I’ve ever seen. And those who have read my posts on visualization know that I find the visualization of risk & security to be a pretty fascinating field of study. So given the quality of the GRC apps [...]
Filed under: Uncategorized by alex on Friday, June 19, 2009
Is that they can be gamed. See “Terror law used to stop thousands ‘just to balance racial statistics’” in the Guardian: Thousands of people are being stopped and searched by the police under their counter-terrorism powers – simply to provide a racial balance in official statistics, the government’s official anti-terror law watchdog has revealed. [...]
Filed under: Uncategorized by adam on Thursday, June 18, 2009
Update 26 June 2009: The status of Green Dam’s optionality is still up in the air. See, for example, this news story on PC makers’ efforts to comply, which points out that Under the order, which was given to manufacturers in May and publicly released in early June, producers are required to pre-install Green Dam [...]
Filed under: Legislation, Uncategorized by Chandler on Saturday, June 13, 2009