Chris Mark Speaking at 2014 AT&T CyberSecurity Conference August 25, 2014
Posted by Chris Mark in Uncategorized.Tags: adaptive, AT&T, Chris Mark, cyber, deterrence, hack, PCI, risk, security, threat
add a comment
At 10 am on September 3rd, 2014 Chris (that is me) will be speaking at the 16th annual AT&T CyberSecurity Conference in New York City. My particular discussion will be on the Human Element of Security. From providing armed force protection in Mogadishu to unarmed security in a psychiatric ward through information security and anti-piracy work in the Gulf of Aden, I have learned that the underpinnings of security transcend all security domains. My presentation will hit on the concepts of rationality, Knightian uncertainty, parallax, proximate reality, change blindness, deterrence, and threat adaptation to provide tools CSOs can use to make more informed decisions about security.
Rising Phoenix Equine Rehab – Helping Vets with PTSD August 2, 2014
Posted by Chris Mark in Uncategorized.Tags: charity, donate, equine, horse, PTSD, rehabilitation, rising phoenix, therapy, warrior, wounded
add a comment
I recently learned of a great charity called Rising Phoenix Equine Rehabilitation Center that serves two valuable purposes. First, they help rehabilitate horses and second, they provide horse therapy to veterans with PTSD….free of charge! If you are so compelled, please take a look at Rising Phoenix and consider donating.
Judge Tells Criminal a father should have “beat the hell” out of him to prevent crime… July 17, 2014
Posted by Chris Mark in Uncategorized.Tags: child abuse, detroit, jail, james callahan, Latrez Cummings, steve utash
add a comment
While this is not security related, I feel I have to comment on this social issue. According to reports, Wayne County Judge James Callahan told Latrez Cummings that the “…young man who participated in a mob attack on a Detroit-area motorist needed a father to “beat the hell” out of him as a kid to discourage him from committing such a crime…” Mr. Cummings was sentenced to six months in jail for his participation in the gang beating of Steve Utash who was beaten after hitting a child with his truck on a Detroit street. Do I think Cummings is a criminal who should be in jail? Absolutely. Do I think, as Judge Callahan stated that a child needs: “someone to discipline you. Someone to beat the hell out of you when you made a mistake, as opposed to allowing you or encouraging you to do it to somebody else.” No. The fact that a sitting judge would reduce the factors involved in criminality to simply not ‘beating a child’ enough or believe that the way to deter such behavior is through ‘beating a child’ is offensive and demonstrates why our justice system in the US is in shambles. Judge Callahan clearly does not believe that women (moms) are capable of raising or disciplining children and appears to be believe that the only effective way to deter aberrant behavior is to beat a child. This is ignorant at best, and dangerous at its worse. There are many reasons for crime. Judge Callahan needs to learn more about crime prevention and less about ‘beating children’.
Chris Mark @ AT&Ts #ChatDPD talking about Privacy July 8, 2014
Posted by Chris Mark in Uncategorized.Tags: #ChatDPD, AT&T, business, Chris Mark, privacy, security, small
add a comment
Join AT&T tomorrow (July 9th) at 3pm Eastern for an AT&T Small Business Twitter discussion where we will be answering questions related to privacy. You can tweet your questions in real time or follow us in real time at: https://twitter.com/hashtag/chatdpd?f=realtime I look forward to catching up on Twitter!
Chris Mark in July 2014 of TransactionWorld (Proximate Reality) July 1, 2014
Posted by Chris Mark in cybersecurity.Tags: adaptive, Breach, Chris Mark, cyber, decision science, proximate reality, security, threats
2 comments
July’s issue of TransactionWorld Magazine was just released. Click here to read my latest article, “Understanding Proximate Reality to Improve Security” Here is a preview..
“Various reports are published annually that analyze data breaches, opine on the root causes of the data theft and frequently ascribe blame to one party or another. It always invites scrutiny when a well-known security firm or analyst makes a definitive statement such as “X% of breaches could have been prevented through the implementation of basic controls, such as patching.”
This position is not only inconsistent with accepted risk management practices, but also confuses the basic concepts of correlation and causation while ignoring the very human element of adaptation. Unfortunately, companies that subscribe to these simplistic views of the industry and threats are exposing themselves to very real dangers. As supported by the increasing number of breaches identified each year, information security is no longer a domain for amateurs and requires the application of lessons learned from domains such as intelligence, anti-terrorism, and decision science to make effective decisions.
Two important concepts borrowed from the intelligence and anti-terrorism domains can be used to help CSOs and others make relevant decisions related to their risk posture and other aspects of data security. These concepts are known as Proximate Reality and Adaptive Threats.” Read More!
Global Security, Privacy, & Risk Management 