Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for March 3rd, 2009

Ehhh, That First Ammendment? It’s A Suggestion Really…

with 2 comments

First Amendment speech and press rights may also be subordinated to the overriding need to wage war successfully,” Yoo wrote, adding later: “The current campaign against terrorism may require even broader exercises of federal power domestically.”

John Yoo, Bush Administration Secret Opinion Memo: 2001

There you have it. Yoo advocated the subordination of “Free Speech” aka the “First Ammendment” Kinda just pisses you off huh? Yeah, they are gone, but their true believers still want to run the country again…

Full article here

Written by Krypt3ia

2009/03/03 at 00:31

Posted in .gov, EPIC FAIL, What the???

Analysis: Experts discuss security in a recession

leave a comment »

Benchmarking study highlights where firms are failing

Phil Muncaster, vnunet.com 27 Feb 2009

A recent benchmarking study by PricewaterhouseCoopers (PwC) suggests that much work still needs to be done to ensure that a combined IT and corporate security function is adequately prepared to protect businesses from 21st century threats.

The consultancy firm approached 10 of its FTSE 100 clients to carry out the study, finding that many lacked a joined up approach to security which led to silos in IT security, as well as other areas like anti-terrorism and intellectual property infringement, without any cohesion.

The exercise resulted in six key findings, including the need for greater collaboration between departments, and better understanding of the risks from third parties as more and more services are moved offshore.

The rest of the article here

The six key findings are here:

1) The need for better business continuity plans and infrastructure

2) Not enough “Risk Analysis”

3) Lack in better vetting of employees

4) Lack of understanding of information assets and their classification

5) Lack of good leadership in IT security

6) The need for better collaboration between departments

PWC also noted the following:

Cost-cutting has led in some cases to firms outsourcing and offshoring more business-critical processes than ever before, which increases the risk of data loss, Frost warned.

“It is unfortunate that information security teams rarely get involved [at the beginning], and the level of involvement needs to increase,” he said.

Well, there you have it. Condensed down to some bullet points are the malaise that hamper information security from functioning properly in a preponderance of companies today. Of course there are more, but, it would be too long to go into it all here. Believe me, I have seen this in many places and they are pretty much on the mark here. What is more scary though, as my posting from yesterday points out, is all that outsourcing going on.

As we sink deeper into recession (or depression) one has to wonder if all of these things will just be forgotten and thrown by the wayside….

Written by Krypt3ia

2009/03/03 at 00:09