I was doing some reading on the distribute.it hack and stumbled onto a reference to a Risky Business podcast on probabilistic risk assessments. It’s a great argument as to why risk assessment does not work well in the information security space. The basic thesis is you can’t assign a probability to a serious attacker. … Continue Reading Commentary on Probabilistic Risk Assessments
Very belatedly I’ve been looking into the Stuxnet worm. Interesting new world we find ourselves in. This thing was surgical – not only damaging the equipment but hiding its footsteps. The question you have to ask though is if this is the one we know about – how many are out there that we don’t?
Network World have an interesting article based on a Forrester research report on iPhone and iPad security, arguing it’s good enough for most cases.
I’ve been thinking about a concept lately that came up in a discussion around security’s “Hierarchy of Needs”. Most people would be familiar with the basic concept from Maslow’s Hierarchy of Needs – the idea being that all humans have a set of needs, and the higher level needs can never be truly satisfied until… Continue Reading Security’s “Hierarchy of Need”