Thursday, March 13, 2014
I've been arguing that poor monitoring by management leads to security “surprises.” This is a brief overview article – you can see what I'm talking about.
Security Metrics: What is a "Metric"?
There are many important and useful tools related to the metrics landscape; let's take a look at some of them and how they fit together. For the sake of this discussion, I'll stick with the definition of “metrics” that I offered previously:
A metric is some data and an algorithm for reducing and presenting it to tell a story.
(Related) Lawyers: Have we reached that “Target is doomed” level yet?
I’m watching Josh Tyrangiel of Bloomberg on CBS News this morning reporting that prior to its massive breach, Target ignored the warning alerts generated by its FireEye system. Target hasn’t responded to Bloomberg’s questions as to why the warning e-mails generated by the system were ignored.
Interestingly, we heard something similar in the Neiman-Marcus breach where hackers kept triggering alarms, but the almost 60,000 alarms were ignored by personnel who viewed them as false positives.
The question is always how sophisticated the encryption is. If “Dali Lama” always encrypts to “p3ujd msk9d,” this is no big deal.
Google is encrypting search globally. That’s bad for the NSA and China’s censors.
… China’s Great Firewall, as its censorship system is known, has long intercepted searches for information it deemed politically sensitive. Google’s growing use of encryption there means that government monitors are unable to detect when users search for sensitive terms, such as “Dalai Lama” or “Tiananmen Square,” because the encryption makes them appear as indecipherable strings of numbers and letters.
What is the equivalent “disruptive technology” in your industry?
Craigslist, the online-ad site, saved the placers of classified advertisements $5 billion from 2000 through 2007, according to an analysis by Robert Seamans of New York University and Feng Zhu of Harvard Business School. It also had a profound impact on U.S. local newspapers, siphoning off classified advertisers and leading to decreased classified-ad rates, increased subscription prices, reduced circulation, and declines in display advertising. It also set up a consumer expectation that classified advertising would be free.
Has Harvard just blessed Wikipedia?
Harvard's Looking for a 'Wikipedian in Residence'
The Houghton Library on the Harvard campus holds the university's collection of rare books.
… Yesterday, John Overholt, Houghton's Curator of Early Modern Books & Manuscripts, posted a job listing. He's hiring a Wikipedian in Residence—someone who can serve as a kind of liaison between Wikipedia and the academic, cultural, and intellectual institutions whose source material its entries rely on. In this case, Harvard.
The Wikipedian in Residence will, according to the job announcement, help to "expand coverage on Wikipedia of topics relevant to Houghton collections." He or she will add sources for existing Wikipedia pages and create new pages "on notable topics." The person will also "provide appropriate formatting and metadata (and OCR cleanup in the case of texts) to upload public domain content to Wikimedia and Wikisource, and facilitate the use of such materials by other Wikipedia users."
Another tool for my students.
Stay Protected From Every Type Of Malware With Avast Free Antivirus
Virtually every computer user understands that they need protection from online threats. But what is still a common misconception is that you must pay loads of money for it. Norton, McAfee or any of the other big name antivirus companies aren’t the only options. In fact, many reputable free antivirus programs are just as effective as the ones you would pay for, and avast! Free Antivirus is definitely one that we feel stands with the best Windows antivirus programs.
For my Computer Security majors... (and any other students considering a switch)
High Demand Pushes Average Cyber Security Salary Over $93,000
The number of job postings for cyber-security positions grew twice as fast as the number for overall IT job postings in 2013, Burning Glass Technologies found in its latest installment of the Job Market Intelligence report.
… In comparison, the average salary for all IT job postings was $77,642.