…that is the question. Every time a software vendor experiences a vulnerability or releases patches for a serious security issue, the debate about Full Disclosure or Responsible Disclosure gains a little more steam. Just how much information should a vendor disclose...
Why should you take your organization’s information security posture seriously? Just ask Sony. It has been estimated that Sony will spend more than $170 million dollars due to the recent breaches they have suffered. Personally, I think that the...
We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and the trend does not appear to be slowing down. Here are just a few of the biggest reports for the year:...
Security is not just a state of being. We are often called to provide an assessment about our present security posture, and usually, the person asking the question is doing so within a very narrow context – one that the may or may not have shared with you. Answering...
Yes, we know that information security in an interconnected world is not trivial. We accept that configuration errors or malicious insiders or new, complex threats might conspire to provide opportunities for a breach. But who says that it is acceptable...
Given the recent spate of breach announcements from companies like Monster.com and TradeFreedom Securities Inc., I’ve been thinking about how poor security is going to impact organizations and consumers over the next few years. Even though there have been an...