“A Failed State of Security”; Deterrence Theory & CyberCrime (Research Brief) March 5, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, Risk & Risk Management. Tags: Chris Mark, cybersecurity, data breach, data security, deterrence theory, markconsultinggroup.com, PCI DSS, security
Expanding on the concept of Rational Deterrence and its effect on crime, we have published a research brief on Deterrence Theory and Its Effect on CyberCrime. The brief outlines the failing strategy of compelling companies to prevent breaches without deterring those who commit the crimes. You can download the brief (all 25 pages) here. Below is a short excerpt:
“At RSA’s annual security convention, the head of the Federal Bureau of Investigation, Mr. Robert Mueller stated, on February 28th, 2012, ominously: “There are only two types of companies. Those that have been hacked and those that will be.”[1] At the same event, the CEO of RSA told the audience: “Our networks will be penetrated. We should no longer be surprised by this.” He further stated: “The reality today is that we are in an arms race with our adversaries, and right now, more often than not, they are winning.”[2] The comments, while accurate, are late in coming. RSA, one of the world’s largest security vendors, was breached in 2011. The breach was more than a simple theft of customer data. The breach was a theft of intellectual property that compromised the infrastructure of RSA’s 2-factor authentication system known as SecurID. This potentially exposed thousands (if not more) of companies to a bypass of their own access control mechanism.
RSA’s CEO then continued: (more…)
Updated Whitepaper- Deterrence Theory & Modern Piracy December 19, 2011
Posted by Chris Mark in Piracy & Maritime Security, Uncategorized. Tags: Chris Mark, combating piracy week, deterrence theory, mark consulting group, Piracy & Maritime Security, rational actor, risk management, Somalia
I spoke on this topic at the Piracy Week event in London this past October. It was a well-received presentation, so I thought I would repost the whitepaper with a few updates. Deterrence theory plays a part in crime prevention, security and even dealing with teenagers ;). You can download the paper here.
Understanding how people respond to deterrents as well as the rational actor model will help develop strategies for dealing with piracy and other crimes. It should be noted that deterrence theory really goes out the window once someone is taking action for ideological purposes (that is my disclaimer). Pic was taken from johnbsheldon.com.