“The Weakest Link”- Insider Foils Underwear Bomb Plot May 8, 2012
Posted by Chris Mark in Risk & Risk Management, terrorism, Uncategorized.Tags: al qaeda, Chris Mark, mark consulting group, operational security, security, terrorism, underwear bomber
add a comment
I have written extensively about the weakest link in any security program being the actual people responsible. While we understand this point from a “good guys” perspective, it is just as true for our adversaries. MSNBC reported today that the underwear bomber who was supposed to blow up a jet liner this month had been working for US and our Allies since day one and was a paid informant. As stated on MSNBC: “An insider who worked with the United States and an allied security service to thwart an al-Qaida bomb plot hatched in Yemen was the man picked to carry out the suicide attack on a U.S.-bound airliner, U.S. and Yemeni officials tell NBC News. An unidentified Yemeni government official, speaking on condition of anonymity, said the supposed suicide bomber was working for Western intelligence “from day one.”
The interesting point of this story is that it does not matter whether we are talking about nuclear facilities, cybersecurity, or counter terrorism, the human element always plays a role and is always the most unpredictable. While the group that sent the man on his suicide mission clearly believed he was a ‘true believer’ willing to give his life for their cause, it appears that he had another agenda. This is the challenge with security. Trust but verify is a mantra that rings true in all aspects of security. Thank goodness the group that tried to blow up the airliner acted on faith and not solid security principles.
Nexus Security Calls for Investigation into Maritime Pirate Shooting April 20, 2012
Posted by Chris Mark in Piracy & Maritime Security, Uncategorized, weapons and tactics.Tags: Anti Piracy, armed security, Nexus, SAMI, Somalia
1 comment so far
In a recent press release, Nexus Consulting Group’s Founder and President calls for the recently released video of armed security firing on pirates to be investigated. You can view the video here. It appears to be an American company firing on a Somali boat. As stated by Mr. Doherty: “As president of Nexus Consulting, a leading provider of armed security teams in the defense of mariners against Somali pirates, I would like to personally note that though we are operating quite regularly conducting anti-piracy missions, the team in this video is not a Nexus team,” Nexus also provides some valuable vetting questions for those considering maritime security. (more…)
“Oh the humanity!”- Financial Institution Breached 3 Times in 2 Weeks! April 4, 2012
Posted by Chris Mark in Data Breach, Industry News, Uncategorized.Tags: bank robberies, Chris Mark, data breach, Global Payments, InfoSec, mark consulting group, PCI DSS, risk management
add a comment
STOP THE PRESSES! According to the Patriot Ledger, a financial institution’s security was breached 3 times in 2 weeks and assets were stolen. The media, however, has been quiet on the story. I have not heard a single Gartner or other analyst publicly eviscerate the financial institution for their poor security practices nor has Information Week, CNN, or any other major media outlet opined on the breaches. Why?
The financial institution was a actually a bank branch and the breaches were not data thefts rather they were good old fashioned bank robberies. In 1968, in response to increasingly violent and frequent bank robberies, the US Government passed the Code of Federal Regulations Title 12 part 208.61- Bank Security Procedures. The purpose of the Act is as follows: (more…)
More Security Theater – “CyberCops and Robbers” March 15, 2012
Posted by Chris Mark in Industry News, Risk & Risk Management, Uncategorized.Tags: bank robberies, Chris Mark, fbi, mark consulting group, risk, security, security theater
add a comment
Today in my Google alerts, I had a story from FoxNews (…ahemm) titled “CyberCops and Robbers; Digital Posses to Bust Bank Robbers” After reading the article, I had to write a post and discuss (rant?) about the fluff that is being proposed. The article talks about a new initiative by the FBI and select banks where banks that comply with certain rules and agree to be involved in the program get to post a “badge” on their door like the one in this post.
There are so many flaws and issues with this approach, I don’t know where to start. This is Security Theater at its finest. For those who are unfamiliar with the term, Bruce Schneier, in his book Beyond Fear, coined the phrase security theater. Security theater describes security countermeasures intended to provide the feeling of improved security while doing little or nothing to actually improve security. (more…)
“Black and Tans”?! Really?…A Little Market Research Can Prevent Embarassment March 13, 2012
Posted by Chris Mark in Industry News, Uncategorized.Tags: black and tans, branding, che guevara, Chris Mark, mark consulting group, marketing, nike, security
add a comment
This is a bit off topic but relevant, nonetheless. I was talking to some acquaintances about the upcoming US elections and somehow the topic turned Mexico, Guatemala, and finally to Che Guevara. My friends said: “Che who?” I almost fell over but, due to my extensive Marine Corps sensitivity training, instead I replied with a loud and derisive: “What the Hell!? Are you kidding me?! You don’t know who Che Guevara is?!“ I didn’t really say that, but I should have 😉 How can any American now know about Che Guevara? Again, I digress…You can read about him here.
Today, I am reading the news and there is a story about how Nike, in honor of St. Patrick’s day, named a new shoe the “Black and Tan”. The blog readers from the UK and Ireland are probably picking themselves off the floor right about now. My mental response to the news was: “WTH!? You named a shoe the Black and Tans?!“ (more…)
Global Security, Privacy, & Risk Management 