The FRSecure Blog

Your Security. Our Passion.

It’s that time of year

The year is coming to an end, and you know what that means, don’t you?

It’s time for us to revisit 2011 and make our predictions for 2012! In the coming weeks, I’m going to write three articles that will help us close out the year and focus on what’s to come. It’s a tradition now, so we have to do it. ;)

The three articles:

  • Revisiting FRSecure’s 2011 Predictions. Anyone can make predictions, but how many are actually willing to look back and see if they were right? We made our predictions on January 13th, 2011 and we’re going to see if we were even close to getting it right!
  • Last year we provided you with “The top 10 most impactful information security stories of 2010”. This year we’re going to give you our top 10 most impactful information security stories of 2011. Are you wondering if your top 10 will match ours? Stay tuned to find out!
  • Lastly, we’ll break out our crystal ball and make some predictions for the coming year. 2012 is lining up to be a crazy year!

Be sure to stay with us during this series; it’s sure to be some fun. Subscribe to the FRSecure Blog by email, or using our RSS feed.

Want to know more about FRSecure? Read about us!

-Evan


But who’s watching IT?

No really, who’s watching who?

What if I told you that there is a 48% chance that your network was breached by a hacker?

How would you react if I said that there is a 26% chance (1 in 4) that an IT staff member abused their logon privileges and accessed information that they shouldn’t have?

These statistics come from the “2011 Survey of IT Professionals” recently published by Lieberman Software. The survey of more than 300 IT professionals contains some interesting, if not alarming, information.


Healthcare Data Protection, a Sad State

This morning, I finally had some time to sit down and read through the Second Annual Benchmark Study on Patient Privacy & Data Security research report from the Ponemon Institute. The study was conducted to help us understand the current state of information security within the healthcare industry. Overall, it’s a sad story. I’m not an alarmist or the boy who cried wolf, but the results of the study are alarming and people should be shouting for change.


Thoughts on the Cyber Intelligence Sharing and Protection Act of 2011

On Wednesday, the U.S. House intelligence committee chairman, Mike Rogers (R-Mich.), and ranking Democrat, C.A. “Dutch” Ruppersberger (Md.), introduced the “Cyber Intelligence Sharing and Protection Act of 2011”. The bill has already gained strong support from the telecommunications industry.

Does this mean you should support it too? It depends. At the very least, you should know what the bill is, and what it could mean to you.

What is the “Cyber Intelligence Sharing and Protection Act of 2011”?

The bill is an amendment to Title XI of the National Security Act of 1947 (50 U.S.C. 442 et seq.). The bill is meant to foster cooperation and information sharing between the private sector and the government.


The Five W’s of Information Security

Information security can be confusing to some people; OK, maybe most people.  Why is information security confusing?  Maybe it’s because we miss some of the basics.

The basics of information security could be summed up by explaining the “What, Why, Who, When, and Where” of information security.

The Five Ws of Information Security are:

  • What is Information Security?
  • Why do you need Information Security?
  • Who is responsible for Information Security?
  • When is the right time to address Information Security?
  • Where does Information Security apply?

We could also include the sixth W, which is actually an “H” for How.  The How is why FRSecure exists.


RK Dixon Tech Summit Conference Re-cap

On Monday, October 7th, Kevin Orth and I took a trip down to the RK Dixon 2011 Tech Summit conference.  RK Dixon is a trusted business partner of FRSecure, so we jumped at the opportunity to support them and talk to their customers.

FRSecure delivered two presentations at the conference: one titled “Information Security isn’t about Information or Security, It’s about People!” delivered by Kevin, and the other titled “Ten security principles to live (or die) by” delivered by me.  Both presentations were given to a full room of ~40 IT and business leadership professionals, and the interactivity was awesome!


Executive Management needs to be (or get) involved

If there is one thing that stands out time and time again, it’s that too many excellent business leaders are absent when leading in the area of information security.  Why is this?

I’m not going to spend too much time preaching the importance of information security.  I think most people understand that it’s important to protect the information they are responsible for, but I wonder if executive management understands what we are responsible for.  Information security responsibilities are not typically a common topic among business leaders.

Responsibilities

So what are the responsibilities of an executive with respect to information security?
