Chris Speaking at Piracy Week Hamburg- April 23-26, 2012 April 17, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, Piracy & Maritime Security.Tags: Anti Piracy, Chris Mark, combating piracy week, cybersecurity, hanson wade, InfoSec
2 comments
I am off to Hamburg, Germany next week to speak at the 11th Annual Combating Piracy event sponsored by Hanson Wade. If you are in Germany, come by. Hanson Wade puts on some great events. I am speaking for Guardian Maritime Security on the topic of CyberSecurity in the Maritime Industry. Last year I spoke on deterrence theory and the Value of armed guards in the protection of vessels. Protection Vessels International (PVI) will be giving an update on the Evolving and Complex Tactics of Pirates.
As usual, some company will speak on “selecting a security vendor” in an attempt to win business. I would think for 4K Euros people would expect to hear more than a sales pitch from a struggling company…but…I digress.
I am actually excited about attending to catch up with some friends, talk to new clients and most importantly…eat at Subway. That’s right..there is a Subway sandwich store in Hamburg, Germany! Many people are unaware that Marine Corps Snipers and Subway have a long history together.
I may be taking a short hiatus while in Germany but will get back to writing as soon as I return.
(UPDATE)-“Interesting” Logic & Analysis – Verizon’s 2012 Data Breach Report April 17, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, terrorism.Tags: anonymous, Chris Mark, CSOonline, cybercrime, hacktivism, InfoSec, mark consulting group, security, Verizon data breach report
2 comments
I received a very insightful comment from one of the Verizon authors and thought it prudent to share. I think this explanation is very helpful for companies looking at infosec controls. Here it is, in part(emphasis added): “You make a valid point about the fact that a determined attacker would simply try again if the first attempt failed. However, our finding that most breaches are avoidable through relatively simple controls doesn’t overlook this as you suggest. Our data show that most criminals aren’t determined to breach a particular victim and likely won’t try again if met with decent resistance. In fact, the extreme opportunistic nature of target selection means they likely won’t even be attacked w certain controls in place because automated probes will skip on down the street after jiggling the door handle a bit.“ You can read the full comment, in ‘comments’. The entire post is you continue reading. (more…)
Another Total Security Failure!?- 750K Socials Stolen in Utah April 10, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy.Tags: Chris Mark, cybersecurity, InfoSec, mark consulting group, markconsultinggroup.com, security, Social Security theft, Utah Health Department
add a comment
(RANT ALERT) While everyone is fighting over who gets to eviscerate Global Payments in the press today, a major breach of sensitive data goes unnoticed. For the record…Credit Card theft is NOT identity theft. Steal my credit card every day of the week…I have zero liability. Do NOT steal my social or passport or drivers license. We seem to be focused on the wrong data at times. I live in Utah and am pretty sure my wife, and my own 2 year old son’s Social was included in this breach.
Today on Foxnews.com a story was posted about how hackers stole “hundreds of thousands of social security numbers” from the Utah Health Department. Well…this is not entirely accurate. The data thieves did steal the Socials but they also stole medical information and other personal information such as names, addresses etc. The total number of records is nearing 900,000. Here is my beef…according to the story: (more…)
“Privacy, Terrorism, Blowback, and Crime” – Where to start? April 10, 2012
Posted by Chris Mark in Industry News, Laws and Leglslation, terrorism.Tags: al qaeda, Chris Mark, fox news, mark consulting group, Raptor, security, terrorism
add a comment
There is an interesting story on the front page of Foxnews this morning where a self-proclaimed patriot hacker who calls himself “The Raptor” is “…waging his own war on terror..” by taking down online forums used by Al Qaeda sympathizers. Certainly, known, and admitted terrorist organizations are not in the public interest. This blog is not justifying their position their tactics, or anything else they do.
The purpose of this post is to question the value of an individual (if you believe his tweets) taking unilateral action and then basking in the attention given to his actions. While vigilante actions may have a visceral appeal to many (including this author, at times) do actions such as this exacerbate the situation? Additionally, one has to ask whether he is right in taking unilateral action? As an American my gut reaction is to applaud the person but upon closer review, I don’t know if his actions are positive or altruistic.
In espionage there is a term called Blowback that refers to the unintended consequences of a covert action. (more…)
Global Security, Privacy, & Risk Management 