jump to navigation

“NSA Says – Largest Transfer of Wealth…EVER”; CyberAttacks rose 44% in 2011 July 10, 2012

Posted by Chris Mark in cybersecurity, Industry News.
Tags: , , , , , , , , ,
add a comment

Parroting what many in the payments industry have known for years, the NSA released a statement about the dire state of cybersecurity.  According to the head of the National Security Agency cyberattacks increased 44% in 2011 and now account for the largest “transfer of wealth in history”.    According to FoxNews: 

“NSA chief Keith Alexander was speaking Monday at an American Enterprise Institute event in Washington, D.C.  He said that for every company that knows it has been hacked, another 100 do not know their systems have been breached. (emphasis added) The warning came on the same day that thousands of computer users were at risk of losing Internet access, due to malware that spread more than a year ago. Citing public and unclassified statistics, Alexander said Monday there are now 75 million unique pieces of malware on the loose.”

Those of use who have been in the industry for years have said that we are ‘losing the war’. I have personally been chastised for making such doom and gloom statements.  The facts are the facts however.  Hiding our head in the sand will not change the fact that “The criminals are absolutely ripping us to shreds,” and that “We’re losing the battle…That’s the reality of it.” (Chris Mark quoted in Salt Lake Tribune...pic at top).  In yet another push at self promotion..you can read one reason we are losing the battle in the IDGA research brief: “A Failed State of Security”.

Combining Blog Content (GlobalRiskInfo / DrHeatherMark) May 31, 2012

Posted by Chris Mark in News, Politics.
Tags: , , , , , , ,
add a comment

In the near term I will begin integrating blog content from Dr. Heather Mark’s privacy and payments blog. This will give new information and insight into privacy, regulatory, and information security issues. We will be combing both blogs into GlobalRiskInfo. Please stay tuned and, in the meantime,take a spin through Heather’ blog!

 

Risk 101 and my new $500 Million Fortune- Goodbye Work! March 29, 2012

Posted by Chris Mark in Risk & Risk Management.
Tags: , , , , , ,
add a comment

I have written a number of posts on risk and probability in the past.  You can read them here.  As I was on the phone with a good friend last night talking about buying our Mega Millions lottery tickets for the very first time, I was struck by how amusing the whole situation was. My wife and I were talking with our friends about a strategy to buy lottery tickets.   I was talking about buying lottery tickets for the very first time!  First, they don’t sell MegaMillions in Utah, and I have never played the lottery.  Why? I recognize that the chances of winning are infinitesimally small. (~1 in 176 million)  So what changed last night?

The MegaMillions lottery approached $500 million for the jackpot!  Can you believe it?  I am going to be $500 million richer in the next few days!  I just feel it.  I have the winning numbers! Odds be damned! Goodbye GlobalRiskInfo.com and hello life of luxury on my new super yacht Risky Business! (I even have it picked out and named) (more…)

Risk 102: “Security Ain’t Safefy”; Putting Risk In Context March 26, 2012

Posted by Chris Mark in Industry News, InfoSec & Privacy, Risk & Risk Management, terrorism.
Tags: , , , , , , ,
add a comment

In reading through the volumes of blogs, and Linkedin comments on security and risk management a common theme appeared.  When talking about risk management at it applies to security there appears to be a temptation to use the same models and methodologies as those used in safety risk management.  Make no mistake, safety risk management is critical and both aspects may overlap from time to time.  Whether analyzing auto accident risks, designing industrial equipment or other aspect, it is important to understand and analyze the risk of the activity. The difference lies in the catalyst for the events in question.  (more…)

Risk 102- Lose “A” Match but Win “THE” Game March 23, 2012

Posted by Chris Mark in Risk & Risk Management, weapons and tactics.
Tags: , , , , , , , ,
add a comment

Risk management is about decisions.  Given certain information, people then make decisions that they hope will minimize the risk of a particular outcome.  This post is about risk and decisions.

Years ago I was a young Marine attending the USMC’s Amphibious Reconnaissance School (ARS).  Upon successfully passing the school I would be conferred with the coveted Military Occupational Specialty (MOS) of 0321- Reconnaissance Marine.  Recon Marines operate in very small teams conducting various reconnaissance missions to provide intelligence to the commander. The last phase of ARS training is known as “patrolling phase”.  This is where all the students put their skills to use and run back to back patrols for a week while begin graded by the instructors.

During one of the final patrols we came upon a road known in military speak as a “linear danger area” and were considering a “two man bump” and other techniques to safely cross the danger area.  After having not slept for the better part of a week my mind was a bit foggy.  I asked the instructor: “SSGT, if we apply these techniques can we be confident that we will cross safely?”  He looked at me and said: “Mark, you can do everything by the book and exactly right and still get your entire team killed.  All you can do is make tactically sound decisions and hope for some luck.”  Certainly without meaning to do so, this Marine Staff Sergeant articulated the idea of risk and risk management as well as any academic. (more…)