“Failed State of Security” Part II; Cybercrime Victim Blaming May 18, 2014
Posted by Chris Mark in Uncategorized.Tags: causality, cause, Chris Mark, compromise, crime, cybercrime, data breach, deterrence, hack, PCI DSS, security, Target, theft, victim blaming, victimization
add a comment
I am proud to release another research brief that is Part II of my “Failed State of Security” series in which I discuss and analyze victim blaming in the context of data security. In 2012 I published a research brief titled “A Failed State of Security: A Rational Analysis of Deterrence Theory and The Effect on CyberCrime.” in which I discussed the failing of law enforcement, and cybersecurity to deter cyber events and discussed the theory of deterrence and the need for deterrence within cybersecurity. You can download the article on IDGA’s website or on my own website here. This paper is part II of the “Failed State of Security” series. Started after the Target data breach, this topic is one that has always been close to me. In April 2009 I wrote an article titled “Lessons from the Heartland Breach” which was published as the cover story by TransactionWorld magazine.
Victim blaming is common in sexual assault, as well as other types of crimes. A quick Internet search will demonstrate scores of instances in which the victim of a violent is blamed for being victimized. When we include a large, corporate entity it becomes easier to point the accusatory finger at the organization. Whether due to Schadenfreude or some other reason, people want to blame companies that are victimized by hackers. Did the company “cause” the breach? Were they somehow complicit in the attack? What do we mean when we say “cause”? What is a causal fallacy? These, and many more topics, are discussed in Part II of the “Failed State of Security” series. I invite you to download “Failed State of Security Part II”; Victim Blaming in Cybercrime. As always, I welcome any comments or debate on the topic…
“The Fortress Mentality & Data Compromises” – Chris & Heather Mark in August 2012 TransactionWorld Magazine July 31, 2012
Posted by Chris Mark in cybersecurity, Data Breach.Tags: Chris Mark, compromise, data breach, data theft, Heather Mark, mark consulting group, mastercard, PCI DSS, transaction world, visa
add a comment
This month’s TransactionWorld magazine includes an article by me (Chris Mark) titled: “The Impact Of the Fortress Mentality and Today’s Compliance Strategies”. The article discusses, among other things, the Global Payments breach, PCI DSS compliance, and provides an overview and opinion on today’s focus on compliance with static standards as opposed to risk based information security. One important note. I neglected to send an updated BIO to the editor so it still references my position at ProPay. I have not worked at ProPay for over a year 😉 You can read more about my company Mark Consulting Group at www.MarkConsultingGroup.com.
Heather Mark is also in this month’s TransactionWorld with an article titled: “After the Compromise: Incident Response Plans and Mitigating the Damage” Heather speaks about data compromises and provides good insight into strategies companies can employ to minimize the impact of such breaches.
Global Security, Privacy, & Risk Management 