“Black and Tans”?! Really?…A Little Market Research Can Prevent Embarassment March 13, 2012
Posted by Chris Mark in Industry News, Uncategorized.Tags: black and tans, branding, che guevara, Chris Mark, mark consulting group, marketing, nike, security
add a comment
This is a bit off topic but relevant, nonetheless. I was talking to some acquaintances about the upcoming US elections and somehow the topic turned Mexico, Guatemala, and finally to Che Guevara. My friends said: “Che who?” I almost fell over but, due to my extensive Marine Corps sensitivity training, instead I replied with a loud and derisive: “What the Hell!? Are you kidding me?! You don’t know who Che Guevara is?!“ I didn’t really say that, but I should have 😉 How can any American now know about Che Guevara? Again, I digress…You can read about him here.
Today, I am reading the news and there is a story about how Nike, in honor of St. Patrick’s day, named a new shoe the “Black and Tan”. The blog readers from the UK and Ireland are probably picking themselves off the floor right about now. My mental response to the news was: “WTH!? You named a shoe the Black and Tans?!“ (more…)
POPSatire…my ‘other blog’…;) March 13, 2012
Posted by Chris Mark in Industry News, Uncategorized.Tags: humerous, pop satire, pop silver star, popsatire.com, silver star
add a comment
On GlobalRiskInfo.com I try to keep the discussion professional, timely, and on topic. A few readers know that I maintain a less “sophisticated” blog called POPSatire. Upon request of a couple of readers, I am putting a link to POPSatire on this blog. On POPSatire, I take shots at POP culture, POPular people, soda POP, and generally anything that merits a rant for the day. In truth, my primary topics are around those who lie about their military service and a few other things. As a ‘chrome dome’ myself (bald headed man), I even take a shot at the bad comb-over. If you want to see my acerbic wit in action (look…I am edumecated 😉 then take a spin through www.POPSatire.com.
Turncoat Rolls on Anonymous March 7, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy.Tags: Chris Mark, cybersecurity, InfoSec, InfoSec & Privacy, security
add a comment
This is a post I struggled to write. I struggle because I do not personally agree with LulzSec’s or Anonymous’ objectives and tactics but this post is not about their tactics or views. Rather it is a discussion in ethics and honor between people and lessons to be learned about human behavior. The links have some very interesting stories of how “Sabu” turned on his own group.
As a young Marine I remember an old salty Gysgt. telling us: “Courage is not a lack of fear. That’s what we call crazy. Courage is when you are afraid and still being able to act in the face of your fear.” (more…)
“A Failed State of Security”; Deterrence Theory & CyberCrime (Research Brief) March 5, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, Risk & Risk Management.Tags: Chris Mark, cybersecurity, data breach, data security, deterrence theory, markconsultinggroup.com, PCI DSS, security
add a comment
Expanding on the concept of Rational Deterrence and its effect on crime, we have published a research brief on Deterrence Theory and Its Effect on CyberCrime. The brief outlines the failing strategy of compelling companies to prevent breaches without deterring those who commit the crimes. You download the brief (all 25 pages) here. Below is a short excerpt:
“At RSA’s annual security convention, the head of the Federal Bureau of Investigation, Mr. Robert Mueller stated, on February 28th, 2012, ominously: “There are only two types of companies. Those that have been hacked and those that will be.”[1] At the same event, the CEO of RSA, told the audience: “Our networks will be penetrated. We should no longer be surprised by this.” He further stated: “The reality today is that we are in an arms race with our adversaries, and right now, more often than not, they are winning.”[2] The comments, while accurate, are late in coming. RSA, one of the worlds’ largest security vendors, was breached in 2011. The breach was more than a simple theft of customer data. The breach was a theft of intellectual property that compromised the infrastructure of RSA’s 2-factor authentication system known as SecureID. This potentially exposed thousands (if not more) of companies to a bypass of their own access control mechanism.
RSA’s CEO then continued: (more…)
(URGENT) NASA’s JPL “pwnd” (owned) by Chinese Hackers March 1, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy.Tags: chinese hackers, Chris Mark, cybersecurity, InfoSec, JPL, NASA, security
add a comment
According to a report on Foxnews, Chines hackers took control of NASA’s Jet Propulsion Labratory in November, 2011. According to a report issued by the Inspector General the hackers had sufficient control that it: “…could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more” He further stated that: “The attackers had full functional control over these networks,” The information was released in the report released on February 26th, 2012 titled (download here): “NASA Cybersecurity; An Examination of The Agency’s Information Security.”
The report further stated: “In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorized access to its systems,” … “These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit.”
This is yet another example of the sophistication of hackers. It is not longer feasible to rely upon network or even application layer controls. It is imperative that companies protect the proverbial crown jewels by encryption. On that note (I have no relation to the company at all) one of my favorite encryption vendors is a company called Vormetric. Check out their website here or visit their blog here. XWMDG8UN4JGC
Global Security, Privacy, & Risk Management 