While we can generally conceptualize that our businesses and organizations have information that may be the target of rivals, criminals, activists and general troublemakers – we sometimes forget that the tools of our trade can just as readily be the target as well. These “tools” could literally be the tools that serve your business (computer controlled manufacturing devices),… Read More »

Statistically cautious…

As Samuel Clemens (AKA Mark Twain) said: There are three kinds of lies; – lies, – damned lies, and – statistics. Statistical analysis is a powerful tool to make sense out of an otherwise overwhelming amount of data, but care must be taken because that same analysis can skew the results in some cases to make powerful (and… Read More »

Broad Distribution Emails – Don’t Give Away the Crown Jewels

Many of us receive regular emails from various recruiters, as well as groups and associations that we belong to, with the latest opportunity, offer or scuttlebutt from the gang. Thank goodness that email is largely paperless; I often worry that my ancient Celt ancestors were right about worshiping trees, and I’m going to be held accountable to the… Read More »

Virtual Aggregate Threats

Security staff and end-uses in many organizations are quickly coming to grasp the concept of aggregation (where the sum total of information in a database is more valuable, and hence a greater risk/higher security classification, than the individual components. Unfortunately many forget that the data isn’t just in a single database – and “virtual aggregates” which can be… Read More »

Duplicate Facebook Friend Scam

I’m sure you’ve all heard this before – that scammers are creating duplicate FaceBook accounts/profiles as some of your friends (copying pictures and other details from the “real” accounts) and then attempting to “re-friend” you because the old account has some kind of virus/Trojan (which is a crock of excrement). In any case – it finally happened to… Read More »

A Picture Is Worth a Thousand Clues

A friend posted what should have been a simple picture on a social media site – not realizing she was potentially exposing more than just her lousy day. A simple case-study of stalking and potential identity theft. I’m not a big advocate of pushing “FUD” (Fear, Uncertainly and Doubt) in the security community – but equally so, I… Read More »