Wednesday, November 28, 2012

Georgia Tech's Cyber Threat Predictions for 2013: Ho hum, Yawn

I don't know if George Tech is first to 'market' with 2013 cyber threat predictions, but this is getting like political polling. New York Magazine ran an interesting piece about polling, and the fact that anyone with a computer can now create a 'poll' and a voracious media will publish the results. Not to slam Georgia Tech, but first, how many predictions can we digest, and why do predictors think we need so many? I guess it likely doesn't matter because so many of the predictions are similar. In fact, if one is reasonably well read, the predictions are obvious.

Friday, November 16, 2012

Battle for information security 'is being won'

... according to  The Global State of Information Security Survey 2013 published by PwC in conjunction with CIO and CSO magazines.

Cautious optimism or delusional optimism?

Monday, November 12, 2012

Huawei too dangerous to do business with?

Here's more on the supply chain security thing from John Dix, editor of Network World.

Last week, three US service providers came out in support of the Chinese companies. (Sorry, I can't find or recall the reference for this.)

In March, the GAO found that defense agencies claimed to have no supply chain security issues, and discovered that DOD had suspect components.

Is this just New Cold War posturing?

Wednesday, November 7, 2012

Volunteering Falls Short on Threat Information Sharing

This is strange, really. I'm surprised that companies don't share information with each other. Many participte in the MITRE progams, such as CVE.

I can understand why they don't want to share with government agencies whose attitude toward sharing is all one-way: you give to us and we'll horde it all.

For more on this, read Threat Intelligence: What to Share?