Archive for the “government” category

Nate Silver in the NYT: A Bayesian Look at Assange

by alex on December 15, 2010

From The Fine Article: Under these circumstances, then, it becomes more likely that the charges are indeed weak (or false) ones made to seem as though they are strong. Conversely, if there were no political motivation, then the merits of (…)

Read the rest of this entry »

A Letter from Sid CRISC – ious

by alex on October 25, 2010

In the comments to “Why I Don’t Like CRISC” where I challenge ISACA to show us in valid scale and in publicly available models, the risk reduction of COBIT adoption, reader Sid starts to get it, but then kinda devolves (…)

Read the rest of this entry »

Secret Stash: responses to DoC/NIST ‘Cybersecurity and Innovation in the Internet Economy’ Notice of Inquiry

by Russell on September 30, 2010

There seems to be no notification that these files are publicly available and no web page listing all the submissions. Therefore, unless you know they are there, you won’t find them. But you can find them all through Google using this search string “NOI site:”

30 vs 150,000

by adam on May 30, 2010

For your consideration, two articles in today’s New York Times. First, “How to Remind a Parent of the Baby in the Car?:” INFANTS or young children left inside a vehicle can die of hyperthermia in a few hours, even when (…)

Read the rest of this entry »

“Cyber Economic Incentives” is one of three themes at Federal Cybersecurity R&D Kickoff Event

by Russell on May 3, 2010

This event will be the first discussion of these Federal cybersecurity R&D objectives and will provide insights into the priorities that are shaping the direction of Federal research activities. One of the three themes is “Cyber economic incentives — foundations for cyber security markets, to establish meaningful metrics, and to promote economically sound secure practices.”

I look forward to merging your unique visibility into my own

by adam on March 23, 2010

In “White House Cyber Czar: ‘There Is No Cyberwar’,” Ryan Singel writes: As for his priorities, Schmidt says education, information sharing and better defense systems rank high. That includes efforts to train more security professionals and have the government share (…)

Read the rest of this entry »

National Broadband Plan & Data Sharing

by adam on March 17, 2010

I know that reading the new 376 page US “National Broadband Plan” is high on all your priority lists, but section 14 actually has some interestingly New School bits. In particular: Recommendation 14.9: The Executive Branch, in collaboration with relevant (…)

Read the rest of this entry »

‘Experts’ misfire in trying to shoot down Charney’s ‘Internet Security Tax’ idea

by Russell on March 17, 2010

Industry ‘experts’ misfired when they criticized Microsoft’s Scott Chareney’s “Internet Security Tax” idea. Q: How many of these ‘experts’ know any thing about information economics and public policy responses to negative externalities? A: Zero. Thus, they aren’t really qualified to comment. This is just one small case in the on-going public policy discussions regarding economics of information security, but given the reaction of the ‘experts’, this was a step backward.

Krebs on Cyber vs Physical Crooks

by adam on March 9, 2010

In addition, while traditional bank robbers are limited to the amount of money they can physically carry from the scene of the crime, cyber thieves have a seemingly limitless supply of accomplices to help them haul the loot, by hiring (…)

Read the rest of this entry »

Everybody complains about lack of information security research, but nobody does anything about it

by Russell on March 9, 2010

There has been a disconnect between the primary research sectors and a lack of appropriate funding in each is leading to decreased technological progress, exposing a huge gap in security that is happily being exploited by cybercriminals. No one seems to be able to mobilize any signficant research into breakthrough cyber security solutions. It’s been very frustrating to see so much talk and so little action. This post proposes one possible solution: Information Security Pioneers Fellowship Program (ISPFP), similar to Gene Spafford’s proposal for a Information Security and Privacy Extended Grant (ISPEG) for academic researchers.