|
||||||
10 Years of Trustworthy Computing at MicrosoftBefore joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ... 
10 Reasons to migrate off Windows XPI would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ... 
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and SecurityA long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ... 
Cybersecurity–More than a good headlineA lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure or a plan or a strategy. This made us thinking about what is needed to run a successful Cybersecurity Agenda within a country? What themes ought to be ... 
Internet Telephony Has Security Problems: This was an interesting read this morning for different reasons: First of all, it is not surprising (even if we would not have known the problems it would have to be expected). I liked the statement: The goal is to raise awareness about flaws in these systems – and . . . → Read More: Security Risks of VoIP Does not solve any of the security problems (challenges?) but it sounds promising anyway Building A Faster Internet Roger I start to get scared – more and more. Back in September I blogged on Critical Infrastructure Protection – Live which shows what would happen if somebody would be able to tamper with power generators. Now, during RSA there was a guy called Ira Winkler telling the audience that they had the job to do . . . → Read More: How long does it take to hack a Power Plant? This is actually an interesting statement. If you had ever to deal with the press you know how these headlines are composed. It might be that the person actually made the sentence in this way – the question is whether he meant it so absolute. Nevertheless, if you read the corresponding article on darkReading, I . . . → Read More: “The Security Business has no Future” (Quote by IBM) Last week we published – as you hopefully know – our “End to End Trust” whitepaper. If not, please read my blog post on it J Now, Eric Bidstrup just commented on End to End Trust in the light of the Security Development Lifecycle (or better: the other way around). It might be interesting . . . → Read More: SDL and End to End Trust I was in Bratislava this week for an IDC Conference. During these kind of events I often talk to the press as well. Additionally I had this time the opportunity to talk to a pretty well-known blogger in Slovakia called Jozef Vyskoč. You may have a look at his blog (provided your Slovakian is better . . . → Read More: The ideal profile of a CSO The Federal Institute of Technology in Zurich released a study at Blackhat, which is definitely worth looking into. Now, let’s be serious: They looked at a metric they call 0-Day-Patch being the number of patches a vendor is able to release at the day of the public disclosure of a new vulnerability. We could . . . → Read More: 0-Day-Patch – An new Metric for Security? Pretty often there is a discussion how far it is allowed to hack back. I was just reading an interesting post called Hackers Could Become The Hacked? which I wanted to share with you Roger Back in March I blogged on a Technology to Circumvent Censorship. I actually expected some dialogue on this but today somebody posted an interesting comment, I think is worth reading. Just click the link above and look at the second comment Roger Ed Gibson, our CSA in the UK had an interview during Infosec with VNunet. He made some interesting statements: We have a good set of laws in place and they have teeth. But the police have priorities and budgets set by the Home Office and Any one of you here would volunteer . . . → Read More: Infosec: Security community must work together |
|
|||||
|
Copyright © 2012 Roger Halbheer on Security - All Rights Reserved |
||||||
