Events over the past few years have heightened attention on attackers with more serious intentions than script kiddies or casual hackers. The “advanced persistent threat” has been outed, first generally by Google and RSA, then much more explicitly by Mandiant.…
AMP Firehose, Economics and Risk
New Workshop: Drinking from the Advanced Malware Protection Firehose
by Pete Lindstrom •
“Drinking from the Advanced Malware Protection (AMP) Firehose” is a workshop for information security architects, managers and tech-savvy executives to evaluate the ability of newer and evolving AMP solutions (whitelists, sandboxes, active forensics) to address the challenges of zero-day and…
Economics and Risk, Metrics
Does “Risk = T * V * I? Notes on Pr(t) * Pr(v) = Pr(event)
by Pete Lindstrom •
On the SIRA mailing list, we are discussing the age-old risk equation “Risk = Threats x Vulns x Impact (or Consequences).” A number of folks think it is nonsense. Here’s why I don’t. (Email to SIRA mailing list). Before I…
Economics and Risk, Metrics, Vulnerability Management
Which is More Secure – Android or iOS?: Tale of the Tape
by Pete Lindstrom •
Tech risk professionals love to have debates about platform security, though it used to be Windows vs. Linux (really closed vs. open source) which morphed to Windows vs. Apple and is now Android vs. iOS. In any case, there are…
Economics and Risk
On Information Value and Loss; The Simplicity of Breakeven Analysis
by Pete Lindstrom •
On the SecurityMetrics mailing list, Dan Geer wrote: We have, of course, been around the mountain several times on how to value information. There are at least these: 1. acquisition cost (worth what you paid for it) 2. replacement cost…
Highlights
Who Do You Trust? Is it Time for a CyberSwitzerland?
by Pete Lindstrom •
A brief Twitter conversation with Phil Cox (@sec_prof) and Dave Piscitello (@securityskeptic) and the latest PRISM / NSA news got me thinking about trust. Phil suggested that the time is ripe for some sort of Internet “Switzerland” where a U.S.…