iang over at Financial Cryptography has a thought-provoking discussion of liability (ht @alexhutton) and its corresponding risks. I think I added a comment (but can’t be sure) that said this: Culture and consciousness is all a distraction and very malleable.…
Economics and Risk
My Dream Metrics Status Report
by Pete Lindstrom • • Comments Off
“Last month, our IT and information assets generated $20 million in revenue in support of 15,000 people using 350 applications. To accomplish this feat, over 32 million connections were attempted across our systems and we applied specific control measures an…
Thinking about APTs and the RSA Hack
by Pete Lindstrom • • Comments Off
The recent RSA hack has once again (after Google and Aurora made a big splash a little over a year ago) brought to the surface this notion of an “advanced persistent threat.” There is great emotion on all sides of…
EMC (RSA) Acquires Netwitness
by Pete Lindstrom • • Comments Off
It is no surprise that EMC has acquired Netwitness. Looks like they are serious about this security stuff Here is a list of EMC / RSA acquisitions through the years, for your historical enjoyment: July, 2001 RSA Security acquires Securant…
Attention InfoSec Pros: measuring risk is in your future
by Pete Lindstrom • • Comments Off
Mike Rothman of Securosis stirs things up a bit with his “Risk Metrics are Crap” post. This type of exercise forces participants to make public commitments. In itself, this is not a huge deal since many positions of those in…
Nuh, uh; Yuh, huh
by Pete Lindstrom • • Comments Off
(is that title the proper English spelling of two kids disagreeing? who knows…) Andrew Gelman’s enlightening blog points to a great example how scientific research helps us get smarter. He excerpts: Three articles published [by Brett Pelham et al.] have…
Firesheep makes us all evil
by Pete Lindstrom • • Comments Off
At what point did you begin to recognize that the world is much more complex than you think and that humans are even more complex than that? Eric Butler shows a kind of youthful ignorance that would be admirable if…
Vulnerability Creation vs. Discovery vs. Fix
by Pete Lindstrom • • Comments Off
Michael Janke at Last In, First Out is rightly concerned about the respective run rates of the vulnerability creation process and our ability to fix them individually. He asks the question “Are we creating new vulnerabilities faster than we are…