Compliance versus Security … Coming to Trial?

Compliance is about auditable business processes that are related to meeting legal, regulatory & contractual requirements. Infosec is a confluence of strategic & tactical processes & controls with a goal of ensuring confidentiality, integrity & availability of data & systems.  There is overlap but the two things are effectively different and aimed at different needs… Continue reading Compliance versus Security … Coming to Trial?

Marketplace Analytics … When Knowing Data About You May Benefit You

While reading ComputerWorld’s Fueled by Analytics article in their December 2nd edition I was struck by the company’s use of data collection and analytics to deliver “… cars that most customers want most of the time.” The article immediately thereafter points out that Ford’s Smart Inventory Management System (SIMS) has profited the company thus far by… Continue reading Marketplace Analytics … When Knowing Data About You May Benefit You

Holy Poop! Mandiant. Sold?

NY Times reports ”… Mandiant is being acquired by another major player in the space .. FireEye, Inc. ….” for almost $1bn US dollars. Mandiant is a relatively small company that does HUGE sales to large corporations for security consultation.

Kevin Bacon & the NSA

Members of Stanford Law School’s Center for Internet and Society has published some blogs recently (Nov 13 & Dec 12, 2013) regarding phone metadata and connectedness of individuals via phone calls based upon NSA standards for searching/parsing data about phone calls (from declassified NSA documents). The blogs do not assert that the NSA bypassed legal requirements… Continue reading Kevin Bacon & the NSA