Will a Free Market Solution to Privacy and Security Work?

AT&T recently unveiled a Gigabit Internet service in Texas, with a catch.  There are different prices if you opt out of sharing your surfing habits than if you decide you want your personal data to be, well, personal. So in effect, you are paying for privacy – or as AT&T would describe it, getting a…

Details

Gag Me With A Court Order – Again

I recently wrote about efforts by prosecutors and other government agents to keep their work secret, not only from the public, or from the targets of their investigations, but also from the people whose help they need to investigate the matter as well. On February 5, a magistrate judge in San Jose put a limit…

Details

Auto Roboticism

On 60 Minutes last night, Lesley Stahl was shocked, shocked to see that modern automobiles collected vast amounts of information about their owners and drivers, had myriad sensors to collect information and allow remote access to that information, and has little if any security either for the sensors or the data collected. Also shocking is the…

Details

The Anthem Hack – Part Deux – What Anthem Did Right (and Wrong)

In the wake of every hack (and every second and one yard in the Super Bowl) there is a stream of criticism from Monday morning quarterbacks about what should have been done.  (Handoff to Marshawn Lynch, maybe?) But in many ways, Anthem Blue Cross did the best they could, considering the situation. There are several things you…

Details

Anthem Blue Cross – The Five Stages of Hack Response

This week it was Anthem Blue Cross’s time. The health insurance giant disclosed a massive hack, which compromised records for as many as 80 million people.  This included identity information, provider information and financial information, as well as sensitive information like SSN’s.  To their credit, they found the breach themselves and reported is quickly and…

Details

The CISO’s Guide to Getting Stuff Done

Let’s face it.  You know what you have to do.  You have a 30-day plan.  A 90-day plan.  A one-year plan.  A five-year plan.  You have spreadsheets, budgets, and PowerPoints. What you DON’T have is management commitment, budget, resources or even the ear of the right people to get done what you need to get…

Details