“See, Hear & Speak no Evil”- Google Censorship Requests June 18, 2012
Posted by Chris Mark in Industry News, privacy.Tags: Censorship, cybersecurity, freedom of speech, google, InfoSec, mark consulting group, privacy, requests, satire
1 comment so far
Google today released information related to the censorship requests by Governments around the Globe. While many are familiar with China and other nations restricting access, it is interesting to see so many “Western” countries requesting censorship. An interesting example is the Canadian Government requesting the removal of “…YouTube video of a Canadian citizen urinating on his passport and flushing it down the toilet. “ To their credit, Google did NOT comply with this request. In another request, Google “…received a request from the Central Police in Italy to remove a YouTube video that satirized Prime Minister Silvio Berlusconi’s lifestyle.” Again, Google did not comply. The interesting part of these requests is that they request removal of material that is typically considered a right of free speech and protest. Satire has been used as a form of protest in West for centuries (look at Voltare, Oscar Wilde…etc.etc.) and civil disobedience (urinating on a passport, is a good example) has certainly been used as form of protest. One has to wonder whether how much more information ‘free’ governments have kept from the public. You can see the Google removal requests here.
Of Payments, Privacy and Social Networks June 13, 2012
Posted by Heather Mark in Industry News, InfoSec & Privacy.Tags: Apple Store, checking in, Girls Around Me, Heather Mark, mark consulting group, privacy, security
add a comment
By now, many of you have probably heard about the smartphone app creatively and aptly named “Girls Around Me.” For those that have not heard, it is essentially an application that aggregates the “check in” location data of women using Facebook, foursquare, and other social, location based services. It then displays for the user the locations and names of “girls around” him (or her, I don’t think the app discriminates). The app promises to “turn your town into a dating paradise.” For privacy professionals, the app sparks an interesting debate. Is privacy infringed if the person in question volunteers the information. On one side of the argument are those that would say “no – if the user has volunteered information then privacy is not compromised by the application.” The converse of that argument, however, is one that centers on a definition of privacy that hinges on the appropriate use of information. If the user did not volunteer the information in an effort to join this “dating paradise” then privacy is certainly infringed. Certainly, one can see that the application in the wrong hands has the potential for misuse. But, what if we use the information for good, rather than evil? (more…)
Oh My!! More than 6 Million LinkedIn Passwords Stolen! June 6, 2012
Posted by Chris Mark in cybersecurity, Data Breach, Industry News.Tags: Chris Mark, cybercrime, cybersecurity, InfoSec, LinkedIn, privacy, security, Stolen Passwords
add a comment
Change your LinkedIn password now! According to an article on CNN, over 6 million LinkedIn passwords were stolen by Russian hackers. LinkedIn also confirmed in their own blog post that some of the posted passwords did match LinkedIn accounts. According to the story: “The 6.5 million leaked passwords were posted Monday on a Russian online forum, camouflaged with a common cryptographic code called SHA-1 hash. It’s a format that’s considered weak if added precautions aren’t taken. Roughly half of the “hashed” passwords have already been decoded and posted online in human-readable text.” You can read more about how Hashes are cracked using Rainbow tables in the awesome post here.
“Use of Force” Webcast – Nexus Consulting Group May 16, 2012
Posted by Chris Mark in Industry News, Laws and Leglslation, terrorism, weapons and tactics.Tags: Keving Doherty, maritime piracy, Maritime Security, nexus consulting, security, somali pirates, Use of Force
add a comment
Nexus Consulting Group is scheduling a webcast for the week of May 21- 25 on the topic of the Use of Force in Maritime Security. Recently, a video surfaced of a maritime security company firing on Somali Pirates. While the topic has been debated, Nexus was mistakenly identified as the company that took action. If you are interested in learning about Use of Force and the legal issues, then contact Nexus at info@ncga.us and note your interest in attending the webcast and we will advise which sessions are available. You can download the Use of Force Primer and follow along document here.
Having previously worked for a maritime security company, I felt pretty informed on the Use of Force and Maritime issues. After speaking to Kevin on numerous occasions, it was apparent that Kevin is an expert on Maritime Security and the industry at large. I always come away from a discussion with Kevin impressed and having learned something new about maritime security. Any knuckle-dragger can carry a gun and use it indiscriminately. It is appropriate, disciplined use of a weapon that separates professional security from amateurs. There are few security companies that I would recommend and that have the expertise to protect ships while minimizing risk to ship owners. Use of force is an critical yet complex subject. I recommend you take the opportunity to listen to an expert on maritime security and definitely take the opportunity to ask questions.
“Wowee wow wow!”; The Costs Of CyberSecurity; Part II May 15, 2012
Posted by Chris Mark in cybersecurity, Industry News, InfoSec & Privacy.Tags: bloomberg, Chris Mark, cybersecurity, data security, InfoSec, mark consulting group, PCI DSS, ponemon
add a comment
In reading the Ponemon/Boomberg report on the costs of cybersecurity, I was shocked to see that companies would need to increase spending 700% to achieve 95% protection. In reading closer, I was even more shocked to see that financial services companies would need to increase spending over 1,270% to achieve 95% protection. Of the 48 financial services firms surveyed the average annual security investment was $22.9 million. To achieve the 95% goal, security investment would need to increase to $292.4 million per year. You can see the results in an interactive chart here.
As stated in my previous post: “CyberSecurity Cold War; Spend Ourselves Into Oblivion”, it is obvious that companies cannot increase security investment 11 fold or even 7 fold. There must be a better answer.
By the way..the “Wowee wow wow” is from Christopher Walken’ character The Continental 😉
Global Security, Privacy, & Risk Management 