Over at the Office of Inadequate Security, Dissent says everything you need to know about a new report from the UK’s Big Brother Watch: Extrapolating from what we have seen in this country, what the ICO learns about is clearly only the tip of the iceberg there. I view the numbers in the BBW report [...]
From The Fine Article: Under these circumstances, then, it becomes more likely that the charges are indeed weak (or false) ones made to seem as though they are strong. Conversely, if there were no political motivation, then the merits of the charges would be more closely related to authorities’ zealousness in pursing them, and we [...]
In the comments to “Why I Don’t Like CRISC” where I challenge ISACA to show us in valid scale and in publicly available models, the risk reduction of COBIT adoption, reader Sid starts to get it, but then kinda devolves into a defense of COBIT or something. But it’s a great comment, and I wanted [...]
There seems to be no notification that these files are publicly available and no web page listing all the submissions. Therefore, unless you know they are there, you won’t find them. But you can find them all through Google using this search string “NOI site:http://www.nist.gov/itl/upload/”
For your consideration, two articles in today’s New York Times. First, “How to Remind a Parent of the Baby in the Car?:” INFANTS or young children left inside a vehicle can die of hyperthermia in a few hours, even when the temperature outside is not especially hot. It is a tragedy that kills about 30 [...]
This event will be the first discussion of these Federal cybersecurity R&D objectives and will provide insights into the priorities that are shaping the direction of Federal research activities. One of the three themes is “Cyber economic incentives — foundations for cyber security markets, to establish meaningful metrics, and to promote economically sound secure practices.”
In “White House Cyber Czar: ‘There Is No Cyberwar’,” Ryan Singel writes: As for his priorities, Schmidt says education, information sharing and better defense systems rank high. That includes efforts to train more security professionals and have the government share more information with the private sector — including the NSA’s defensive side. “One thing we [...]
I know that reading the new 376 page US “National Broadband Plan” is high on all your priority lists, but section 14 actually has some interestingly New School bits. In particular: Recommendation 14.9: The Executive Branch, in collaboration with relevant regulatory authorities, should develop machine-readable repositories of actionable real-time information concerning cybersecurity threats in a [...]
Industry ‘experts’ misfired when they criticized Microsoft’s Scott Chareney’s “Internet Security Tax” idea. Q: How many of these ‘experts’ know any thing about information economics and public policy responses to negative externalities? A: Zero. Thus, they aren’t really qualified to comment. This is just one small case in the on-going public policy discussions regarding economics of information security, but given the reaction of the ‘experts’, this was a step backward.
In addition, while traditional bank robbers are limited to the amount of money they can physically carry from the scene of the crime, cyber thieves have a seemingly limitless supply of accomplices to help them haul the loot, by hiring so-called money mules to carry the cash for them. I can’t help but notice one [...]