|
||||||
Consumerization of IT–How to address thisBring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us, that it is not part of their strategy; some tell us that they plan to do it but that they have a hard time figuring out, how to secure such an environment; very, very ... 
10 Years of Trustworthy Computing at MicrosoftBefore joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ... 
10 Reasons to migrate off Windows XPI would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ... 
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and SecurityA long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ... 
This is not surprising as I guess they are not alone: China’s Blue Army of 30 computer experts could deploy cyber warfare on foreign powers However, what really scares me is, that I expect governments to train more people than they really need – or some of them might be laid off during priority shifts . . . → Read More: China’s Cyberwar Capability–Make Sure They Have Jobs Great progress on our Cloud: Our BPOF-Federal solution has received FISMA certification and accreditation: BPOS-Federal & FISMA Yes, we really have it for BPOS-F Roger This paper by the Geneva Centre for the Democratic Control of Armed Forces (DCAF) was just brought to my attention. A piece of work, which is definitely worth working through. It lays out the problem space and then does a deep dive into the different sections: Governments Legislative Bodies The Armed Forces Law Enforcement Judges . . . → Read More: Cyber Security: The Road Ahead A few years ago, I wanted to run an exercise with our incident response team in Switzerland. A customer, the government and me came together to develop the goals and the scenario. One of the key question we tried to answer together with the university, which we wanted to use as observers was, whether we . . . → Read More: Mutual Authentication in Real Life–Launching a Nuclear Missile… My manager was on the Tokyo airport, when the earthquake started. We had a chat yesterday about this – he is back home in the meantime – and he told me that he was very surprised that, while the phone network broke Internet still worked and he was able to call his wife immediately after . . . → Read More: Internet Surprisingly Stable in Japan It is a repeating pattern but not the less disgusting. Whenever bad things happens on the globe, the criminals are not far. This happened during hurricane Katrina, the tsunami in Indonesia, the earthquake in Haiti and now, not surprisingly in Libya as you can read in this blog post by Sophos: Violence in Libya exploited . . . → Read More: Libya Violence Exploited by Scammers The longer the more I see articles and posts that claim that security could actually improve if you migrate to the Cloud. And the longer the more I am a firm believer of these statements. It is not about forgetting best practices and just handing over everything to the Cloud provider. It is about adapting your practices to the new reality. . . . → Read More: Quit Worrying About Cloud Security? I often read two kinds of articles when it comes to ISPs and protecting privacy. In side asks for as much privacy as possible, the other one for transparency to fight cybercrime. What is our real goal? What is the role of ISPs in fighting crime? An interesting study by the OECD in comparison with an article I read today. . . . → Read More: Fighting Crime and Protecting Privacy–a Contradiction? Often, when governments look into Critical Infrastructure Protection, they start to build a CERT (Computer Emergency Response Team) or a CSIRT (Computer Security and Incident Response Team). The questions then always comes up: How do you do that? ENISA (European Network and Information Security Agency) just published a step-by-step guide on how to do this . . . → Read More: How to Build a CERT I blogged about my attendence at the above mentioned UNODC meeting. This is a short summary on how I preceived the meeting. . . . → Read More: Conclusion on UNODC: Open Ended Expert Group on Cybercrime |
|
|||||
|
Copyright © 2012 Roger Halbheer on Security - All Rights Reserved Powered by WordPress & Atahualpa |
||||||
