by Jesper Kråkhede, Sweden
Posted in Business, Compliance, Security Architecture on Dec 5th, 2009
In a swedish article today some interesting figures is shown from bank transaction frauds, including credit card frauds: • 600-700 M SEK was lost 2008 (60-70 M EUR) • 1% of the grown up population was affected (60 000) • 84% got their money back partly or in full FI, Finansinspektionen, the authority responsible for […]
Posted in Business, Compliance, Security Architecture on Nov 27th, 2009
New laws are emerging in Europe that has its origins in US. Those state that companies and organizations that experience a breach where information is lost have to go public in one way or another. This means that public humiliation and loss of face will be a cost to take into account and also the […]
Posted in Business, Methodology, Security Architecture on Oct 31st, 2009
At the same presentation I was approached by the CIO asking me: You are suggesting quite substantial changes in our way of working. How do you know that this will solve the problems and how do we know that this is the real problems? I first started to explain how security works and that you […]
Posted in Business, Security Architecture on Jul 27th, 2009
Backup´s are important as we further enter an automated world where IT is essential in the business. I used to work with designing manual procedures in case the IT stopped working but during the last few years I have stopped doing that due the fact that it has become more or less impossible to do […]
Posted in Business on May 18th, 2009
During the last years I have had the opportunity of acting as a mentor for security professionals, CSO, CISO and others. My area of focus has been making security easy to handle and understandable for the common man. It is almost amusing to see the changes in how a company works with security before and […]
Posted in Business, Methodology on May 11th, 2009
In Steve´s blog there was a note that he had to leave Microsoft and from other places I heard that it was the better part of TWC that was eliminated. I am a bit unsure about what the consequences of this are. Microsoft has for several years been the top player when it comes to […]
Posted in Business, Security Architecture on Mar 15th, 2009
Last week I was attending a workshop within Public Security looking at e-id and the internal consequences for implementing it. The basic idea was to implement a national e-id for everyone living within a country and also giving one for everyone allowed to stay and work. This is of course nothing new but what we […]
Posted in Business on Nov 9th, 2008
I have had a terrific week at Les Fontaines where I attended a course named Boardroom Enterprise Architecture. From my point of view it was the best course I have attended for many, many years. That said we had a quite interesting discussion regarding how to sell security to CxO-level. The general opinion was of […]
Posted in Business on Oct 20th, 2008
I few years ago I started to tell consultant firms that they have to start deliver secure solutions by default and that not delivering would lead to losing business. Sadly I got this confirmed from a partner today who have been contracted to review several applications delivered by different consultant firms with the specific goal […]
Posted in Business, Security Architecture on Sep 4th, 2008
I attended a very interesting workshop today that you most probably will hear more of in a few months from now. Afterwards I had a discussion with a few colleagues regarding security and visible effects of security. We discussed the usage of visible deterrents with it-security. When deploying physical security the deterrent is sometimes the […]