QOTD - Schneier on Function Creep
Far too often we build security for one purpose, only to find it being used for another purpose -- one it wasn't suited for in the first place. And then the security system has to play catch-up.
Src: Security and Function Creep | Schneier.com
[...]
Sometimes it's obvious that security systems designed for one environment won't work in another.
[...]
The real problems arise when the changes happen in the background, without any conscious thought. -- Bruce Schneier is Chief Security Technology Officer at BT
Labels:
security_solutions
QOTD on People & Security
The human element is the largest security risk in any organization. Most security incidents are the result of human errors and human ignorance and not malicious intent. Therefore, it is critical that significant effort is focused on education and awareness to reduce these occurrences. -- Stephen Scharf, CISO at Experian and the former CSO at Bloomberg
Note: I realize that not everyone will agree with this statement. Still, there is much we can do to get people to think before they click.
Src: Weakest link: End-user education - SC Magazine US
Labels:
people
QOTD - Mueller on Cats & Mice
"We are playing cat and mouse and, unfortunately, the mouse seems to be one step ahead most of the time," said Robert Mueller, Director of the FBI, regarding the threat of cyber-terrorism.
Src: AFP: Cyber-terrorism a real and growing threat: FBI
Labels:
cyberwar
QOTD - Mueller on 1,000 cuts
If hackers made subtle, undetected changes to your code, they could have a permanent window into everything you do. Some in industry have likened this to death by 1,000 cuts. We are bleeding data, intellectual property, information, source code, bit by bit, and in some cases terabyte by terabyte. -- Robert Mueller, FBI Director (US)
Src: FBI Director: Hackers have corrupted valuable data | ComputerWorld
Labels:
cybercrime,
cyberwar,
government
QOTD on Cybercrime
In the third quarter of 2009, small businesses suffered $25 million in losses due to online ACH and wire transfer fraud.
Src: FDIC: Hackers stole more than $120M in three months from small businesses
[...]
Hackers are definitely targeting higher-balance accounts, and they're looking for small businesses where controls might not be very good. -- David Nelson, an examination specialist with the FDIC.
Labels:
cybercrime
QOTD on Cyberwar
We grew up fearing the mushroom cloud, now we should fear a roomful of hackers with their electricity and internet bills paid for by a government. -- Raimund Genes, Chief Technical Officer of Trend Micro
Src: Britain applies military thinking to the growing spectre of cyberwar - Times Online
Labels:
cyberwar



