May 28, 2012    /    by

How Do Social Networks Get Hacked? A Lulzsec Case Study

How do social networking sites get attacked by hackers? What methods are used? Why are attacks successful? What can be done to improve security on social networks?


These are just some of the questions that are addressed in a recently published Hacker Intelligence Report by Imperva. The report’s executive summary offers an intriguing glimpse into the hacktivist world that threatens almost every online service. Here’s an excerpt:

May 20, 2012    /    by

Reinventing (or Removing) Cash Registers with new Shopping Security

Ever since I read Megatrends in 1988, I’ve been fascinated by predictions about how technology will alter our daily lives in the near future. One area that is evolving quickly is our shopping experiences, both online and offline.


What’s next? Get ready for the reinvention of the cash register – with competing visions for how that will happen. What’s fairly certain is that our smartphones, iPads and/or other mobile devices will become an integral part of the new check-out process.

May 12, 2012    /    by

How Multitasking Hurts Our Productivity

Most of us are always trying to do multiple activities at the same time. But is it really working?


For example, I like to keep “to do” lists. I get special satisfaction when I complete one action item and the result is that multiple items come off of my list. More often than not, I’m tempted to multitask, especially at work. On top of that, I’m instinctively looking for new tips and shortcuts that can help me gain a further edge in accomplishing my personal and professional goals.

May 6, 2012    /    by

Listening to the Noobs on Security - Or Not?

How much attention should cyber pros pay to comments from the "noobs" about technology and security?


I started thinking about this topic after reading an intriguing Computerworld article entitled: Dispatch from the technology culture wars: What geeks and noobs need to understand about each other. In case you’re wondering, a noob is slang for newbie or, as Erin Elgin describes in this piece, “nontechnical people who want gadgets to just work.”

April 28, 2012    /    by

Poll: What's Happening With BYOD in Government?

Opinions are all over the map on "Bring Your Own Device" (BYOD) to work. Here are some viewpoints and a poll.

Opinions are all over the map on "Bring Your Own Device" (BYOD) to work. I've heard those who insist that 80% of us will adopt this new approach to mobile devices within a few years. Others believe that the letters BYOD stand for "Bring Your Own Disaster..."

Here are a few viewpoints and a quick poll to gauge your opinion.

April 22, 2012    /    by

Dark Clouds Over Technology: Pondering Action After Recent State Government Data Breaches

Over the past few weeks, there have been several high-profile breaches announced involving state government systems - one in South Carolina and one in Utah. My first reaction was to think: There but for the grace of God go we.

Over the past few weeks, there have been several high-profile breaches announced involving state government systems - one in South Carolina and one in Utah.  I say “high-profile” because the coverage of both incidents has been widespread, with tech magazines, blogs and even major newspapers and TV stations covering the situations in detail.  The headlines have not been very encouraging for our respected government colleagues, with Computerworld reporting that the Utah breach 10x worse than originally thought.

My first reaction, and the thoughts of many government CIOs, CTOs, CISOs and CSOs around the nation, was to think: “There but for the grace of God go we.” Anyone who thinks they are not susceptible to similar cyber incidents (whether from insider threats or external hackers) has not been paying close enough attention to the growing threat in the cyber world we live in. (I covered this topic briefly in the piece: Is America Outgunned in Cyber?)

April 15, 2012    /    by

The Business of Security: Why Customer Service Matters More Than You Think - Part 3

So what is the right level of security? How do you know if you have gone too far, or not far enough in protecting critical systems? Do all business functions need the same level of security?

A few weeks ago, Bob Lewis wrote some provocative words over at InfoWorld that most security pros probably find pretty hard to stomach. In an article entitled:  BYOD and the hidden risk of IT security, Bob basically called out most “bring your own device to work” security strategies as being more damaging to enterprises than helpful. His subtitle said this: “When employees use personal devices for business purposes, too much security can create more risk than it prevents.”

Wow! He got my attention. But I’m struggling to get to the same place as Bob. I’m still looking for the preponderance of large enterprises that have the “too much security on smartphones” problem. I wish he had provided some compelling examples.

April 14, 2012    /    by

Titanic Mistakes: Five Pragmatic Lessons from Spectacular Technology Failures

Everyone is talking about the sinking of the Titanic and they should be. Here are five lessons for technology and security professionals from the sinking of the Titanic ...

Everyone is talking about the sinking of the Titanic – and they should be. The people, the stories, the technology, and especially the tragic ending, are legendary. It has been one hundred years since she sank. Books have been written, movies made – and remade in 3D. But somehow, we can’t seem to forget what happened or miss a chance to hear the remarkable, mysterious story again.

Numerous theories still abound analyzing the never-ending question: “Why did it happen?” The very word “Titanic” has become synonymous with words like enormous, monumental, gigantic, massive, huge and immense. But most of us aren’t picturing a monumental home run or an enormous successful product launch. No, the word Titanic has also been seared into our brains as a massive failure.

April 9, 2012    /    by

Delivering Cybersecurity With Customer Focus: Who, When, Where and How

So how can this customer service theme work for security professionals? Allow me to tell you a true story.

Every manager has a day like this at some point.

It was in late spring of 2009, and I was having one of those “open and honest” conversations with my Infrastructure Services (IS) Leadership Team regarding how things were really going with internal organizational relationships. I had moved over from the Chief Information Security Officer (CISO) role to become the Chief Technology Officer (CTO) a few months earlier, and this was the moment that I later declared to my wife that my “infrastructure honeymoon period” was officially over.

April 2, 2012    /    by

Customer Service is a Priority for Security Pros Too

Several hundred people had gathered for a second morning to hear the results and ask questions regarding the recently completed Gartner study, which covered all aspects of Michigan Government’s Information, Communications and Technology (ICT).

   It was a warm Friday morning for March in Michigan, and the Williams Auditorium was packed with government technology supervisors, managers and directors within state government. Several hundred people had gathered for a second morning to hear the results and ask questions regarding the recently completed Gartner study, which covered all aspects of Michigan Government’s Information, Communications and Technology (ICT).

This comprehensive Gartner study took over five months to complete. Their analysis examined people, processes and technology and benchmarked us against other states and the best companies in the world. (Yes – cybersecurity was included in this “As Is, To Be, Gap Analysis.”) The day before, Gartner representatives presented the good, the bad and the ugly regarding the current situation. Now came the part that everyone was anxiously waiting to hear – what did the future hold for Michigan government ICT? What were the new recommendations that would likely change our direction?