Posted in Business, Security Architecture on May 2nd, 2013
Everyone who's been around for some time in this industry has Melissa and Love Letter fresh in mind. How many similar outbreaks have you had in the last few years? I expect you to say none. Does this mean that there is no malware running around anymore? Of course not. There are even more today than there […]
Posted in Business on Feb 21st, 2013
During my life as a security specialist I have encountered several situations, one trickier than the other. One of those is security competence or to be more specific: How could a company keep their security staff? The security market is rather immature and there is a big need everywhere for experienced personnel. As a hired […]
Posted in Business, Security Architecture on Jan 29th, 2013
I found a Swedish article today regarding how easy it is to put someone in personal bankruptcy in Sweden. As you may know Sweden is an open country where information is easy to find. To file an application for personal bankruptcy the only thing you need is to personally leave a birth certificate to the […]
Posted in Business on Dec 31st, 2012
Just two months ago I pointed out that ransomware will be a bigger threat in the year to come. Quite soon afterwards a minor medical clinic was hit with ransomware that encrypted their patient database. The hackers demanded only $4 000 for the password. A fairly low sum but it would most possibly trigger […]
Posted in Business, Security Architecture on Dec 8th, 2012
For South Carolina’s Department of Revenue it is at least worth far more than the $100 000 they wanted to pay for a CISO. The position was vacant for 11 months and during that time they were breached for a total cost of $12 000 000. That would be the salary for the CISO for […]
Posted in Business, Methodology on Aug 21st, 2012
CSA is short for Child Sex Abuse, a terrible crime that has global attention nowadays. Sadly, those perpetrators exist everywhere at all levels of society. Most of them are only ‘viewers’ looking at CSA material while a few produce the material. I will not get into a discussion if you want to have those people […]
Posted in Business on Jun 29th, 2012
One of my favourite sites to visit is DatalossDB. Just recently a new loss was posted. This time it was Yahoo who lost 453 493 email addresses and passwords. The total cost, as calculated by Ponemon Institute, is $27 209 520! This makes a cost of $60 per record. That figure is used as a […]
Posted in Business, Methodology on Apr 29th, 2012
Many of us have seen and implemented different kinds of security solutions. Some very cheap and others…more costly. One thing I teach all my colleagues, using Security Analysis Framework, is how to calculate the most economically viable solution for our client. It may seem rather easy using Return on Security Investment (ROSI), but […]
Posted in Business, Compliance on Mar 31st, 2012
A known and mostly accepted axiom in security is that the people doing something should not verify and accredit the same. This is to make sure that a solution is not flawed or intentionally sabotaged. This process holds true in many cases but as it turned out this is not always true for the market […]
Posted in Business, Compliance, Uncategorized on Jan 31st, 2012
Starting your own company is always an interesting challenge, especially when you have ideas that are not so common in the industry. Our core service is PCI DSS as a service. Sounds simple enough? Quite a few clients have been intrigued by what it actually means and how to implement it. PCI DSS as a service […]