At the same presentation I was approached by the CIO asking me: You are suggesting quite substantial changes in our way of working. How do you know that this will solve the problems and how do we know that these are the real problems? I first started to explain how security works and that you […]
I was presenting the result from a workshop the other day and halfway through I noticed a few people getting very uncomfortable. I decided to address their awkwardness and asked them if everything was clear. The answer I got baffled me: We think you are making this too complex. We do not understand the […]
I suppose everyone has heard about Echelon, the big information collecting system that is supposed to monitor all communications to and from the US (and possibly everywhere else). The mass of information must be gigantic to handle. But looking at it from a somewhat smaller perspective, Corporate Echelon is starting to happen. Looking at the trends in […]
Posted in Security Architecture on Aug 31st, 2009
Just read an interesting blog entry from the Apache Infrastructure Team. Apparently they had a breach in security that hit them with some downtime. What caught my eye was that they are very open about what has happened, in contrast to the ordinary secrecy in security where one is seldom even allowed to say that you […]
Posted in Security Architecture on Aug 30th, 2009
When I am out and about speaking with customers and suppliers I often run into the question of cloud security and what that really is. The discussion always starts from the point of perimeter protection, access control to the perimeter and so on, and that is not always the solution for cloud security. When we […]
Posted in Business, Security Architecture on Jul 27th, 2009
Backups are important as we further enter an automated world where IT is essential to the business. I used to work with designing manual procedures in case the IT stopped working, but during the last few years I have stopped doing that due to the fact that it has become more or less impossible to do […]
Posted in Security Architecture on Jul 4th, 2009
The tragic death of a famous artist opened up a flood of messages on Twitter. It peaked at 5 000 messages/minute. As with all tragedies, there are always rumors that say the opposite, in this case that the artist is still alive, and refer to a link showing evidence. In this case this has proven […]
Posted in Security Architecture on Jun 26th, 2009
Just recently a link with an ID protection solution was sent to me. Apparently it checks all over the globe (at member sites of course) for use of your identity. If it is used somewhere you are immediately informed and have the possibility to take action. As identity is the most important aspect within security […]
Posted in Security Architecture on Jun 6th, 2009
In a Swedish newspaper today there was a rather interesting article regarding The Pirate Bay trial and all events surrounding it. Apparently Henric Pontén got his name changed to Pirate Pontén. The interesting part in this is that you could have your name changed without any authentication at all. Someone only needs to send in a filled […]
Posted in Security Architecture on Apr 19th, 2009
During a meeting I was told that many customers in the UK view Jericho documentation as only a description of what is happening, not a toolkit for actually solving the security problems that arise. Thinking about it, they may be correct in some sense. The documentation is rather high level and is not technically useful […]