QOTD on e-spying

A knowledge economy needs to protect from exploitation the intellectual property at the heart of the creative and high-tech industry sectors.
-- Iain Lobban, director of Britain's Government Communications Headquarters (GCHQ)

Src: Cyber Threats Very Real For Britain: Official | RedOrbit.com

QOTD on Patient Data

Patient information is like radioactive material [...] It must be protected. It must be contained. It cannot be taken out of the building, sent out of the building, or looked at inappropriately if the employee is not permitted to access it.

The problem is students and employees and younger folks coming into work think of Facebook and Twitter as something you do. Just as you shouldn't be saying anything about patients on the telephone, you shouldn't be Twittering or Facebooking about work.
-- Arthur R. Derse, MD, director of the Center for Bioethics and Medical Humanities at the Medical College of Wisconsin in Milwaukee

Src: Containing the Patient Privacy Breach | HealthLeadersMedia.com

QOTD on Patching

Unlike IT systems, users cannot be patched and will always be vulnerable to manipulation and infection.
-- Uri Rivner, head of new technologies, identity protection and verification at RSA

Src: RSA Europe 2010: Trojans are going after all businesses, not just banks, says security expert - 13/10/2010 - Computer Weekly

QOTD on Smart Grid

The more proliferation there is of intelligent metering and energy usage, the more opportunities there are for attackers.
-- Heath Thompson, CTO at metering company Landis+Gyr.

Src: Cyber attacks on utilities tipped to soar | SC Magazine Australia/NZ

QOTD on Communication

The security of corporate information will stand or fall by the ability of the organisation’s various functions to communicate clearly and effectively with one another. It takes all teams to sustain a meaningful dialogue, so a change in mindset is needed from all sides.
-- Richard Sykes, PwC Governance Risk and Compliance Leader

Src: PricewaterhouseCoopers Media Centre - Speaking the same language: Five key steps for the business, IT and security leader
Src: Direct link to article (PDF)

QOTD on the Need for a Security Collective

Just as when an individual who is not vaccinated puts others' health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society.
Simply put, we need to improve and maintain the health of consumer devices connected to the Internet in order to avoid greater societal risk.
-- Scott Charney, Corporate VP of Trustworthy Computing at Microsoft

Src: The Need for Global Collective Defense on the Internet - Microsoft on The Issues - Site Home - TechNet Blogs

QOTD on Security Hampering Productivity

The blade guard on my power saw hampers my productivity in cutting wood, but chopping off my hand or even just a few fingers tends to also have an impact on my productivity. That said, there are a lot of very, very silly URL blocking and email policies in place out there that *do* impact productivity, *don't* increase security and *do* encourage users to bypass IT systems.
-- John Pescatore, VP Gartner Inc.

Src: SANS NewsBites Vol 12 Num 78

QOTD on Stuxnet-like weapons

A cyberweapon like Stuxnet threatens nation-states much more than it threatens a non-state actor that could deploy it in the future. [...]

In short, like every other major new weapons system introduced since the slingshot, Stuxnet creates new strengths as well as new vulnerabilities for the states that may wield it.
-- Caroline B. Glick, writing for The Jerusalem Post

Src: Column one: The lessons of Stuxnet | JPost.com