The European Court ruled recently that the “Safe Harbor” framework is null and void. The decision publicly nicknamed the “Facebook court decision” is not only bothering social communities but many multinational companies that use “Safe Harbor” to exchange or store private data from the EU in the US. What to do now? Many discussions are going on, … More The United States are not a „Safe Harbor“
We could start to vote for the security breach of the week. We would never be shy of nominees. What is worse however is that it does not make sense to vote on a corresponding security leak of the week. Recent analysis shows that it’s almost always failure to implement basic security settings. The hit … More Same old, same old
Every year they’ll chase a different pig through the village, as we say in German. This year in IT security it is cybersecurity. Especially the United States have funded research on this topic and created frameworks as if there is no tomorrow. There are conferences brimming with enticing titles like “Meet the rock stars of … More What is cybersecurity? – Or are you fully buzzword compliant yet?
I had lunch with a colleague lately who was wondering what happens with all the stolen information from data breaches, where we have seen quite a few lately. Latest breaches included personal information like credit card data, identity data, and fingerprints… A research article on DLP products published in the July/August 2015 IEEE Security and Privacy magazine arrives at … More What happens with all the stolen data?
When I studied Economics in the 90ies, Gary S Becker received the Nobel Price for his extension of the microeconomic analysis to include human behavior and social aspects including marriage, discrimination and for example having sex with your spouse. That raised a few eye-browse back then. Nowadays I am wondering when an economist will publish … More The economics of selling security vulnerabilities – or there is a market for everything
Security is such a vast topic and there is always a new attack on the horizon. I am interested to hear what other security experts read on a regular basis. In this blog I have put together which newsletters I try (:-)) to read on a daily basis. https://www.ieee.org/membership-catalog/productdetail/showProductDetailPage.html?product=PER338-EDC&searchResults=Y (the IEEE flagship magazine on privacy … More How do you stay up to snuff on security?
Recently I met former co-students at a reunion, and told them that my area of expertise is security. Everybody agreed that I must work in a hot area and be in for a great career. Well, really? Latest polls indicate that (cyber) security is the top most concern to upper management especially when moving technology … More Security is important – or why every CSO wants to bang their head against a wall
Advanced persistent threats (APTs) are the stealth undercurrent of the daily news on security attacks. IT breaches where data get stolen are so prominent that APTs are getting mentioned but overlooked. APTs are developed and initiated by organizations with an almost unlimited amount of resources. They have highly skilled and incredibly smart people. They have … More Advanced persistent threats – or the new cyberwarfare
Suppose someone tells you that there is a brand new way of secure paying via the internet. The new technology is hyped and after slow adoption has now seen quite a media buzz and is being used by a growing number of companies and private people. Suppose that your conversational partner further tells you that … More The crypto currency Bitcoin – or trust as the key concept of IT security
I have long been nagged by colleagues to start a Security Anonymous group. So here is an introduction including twelve step program: Need help with a security problem? If you are concerned with a security problem and wish to learn more about Security Anonymous, read on further. Security Anonymous is a self-help group for people … More Security Anonymous – the twelve step program 🙂