If every security person put down their tools today and did nothing non-reactive, would anyone hear that tree falling down? Sounds like a stupid question, but have a good think about it. In your organisation, if you just shut your mouth and/or left everyone to their own devices, would anyone care or even notice in the short term that they had no security “expertise” protecting their business?… A criminal’s paradise (maybe)!

Seriously…..for most organisations, this is their MO. It is!

That would sound crazy I reckon to senior business management when put in those terms. But hey, that’s how you operate now…..have a good think about that Mr CIO. Gees, I wish more CEOs would read security blogs. This is how it is Mr CEO in your business. What?! No one told you?

Context: Talking to a CEO mate of mine who gets no updates on security from his IT Manager. Offered a free “test” of their Internet security (as a start) by Securus Global after talking about numerous “generic” case studies of what we see every day. He’s now nervous (after hearing them)….as he should be. :-) He’ll be okay though……if he’s in the <5% of companies we’ve tested for the first time who have come out “okay”.



I’ve lost track of all the posts I’ve written on this topic and it never ceases to amaze me that it continues on through good and bad economic times. (Not just in our industry, which is just a small part of overall IT spend). Regardless of sector – critical infrastructure and every sector in general, the larger the business, the more gullible (for want of a better expression) they sometimes seem to be when determining what they spend money on, and with whom.

There’s a heap of exceptions and we work with some great people and organisations, but for every good company who thinks about what they do, there’s at least 20 others who continue to blow good money on bad product and bad services that add little to no value to them. You hear about them year after year and wonder when someone in there will wake up to the fact that they are being duped.



I laugh at times when someone tells me an email I sent, or something I said in a meeting or teleconference, was “too blunt”, and I should have maybe said it in a different way. When someone says, “Maybe that was not the politically correct way….”, that offends me and I cringe. With our clients, there’s obviously a slightly different approach you take to getting the message across than you would when working with colleagues internally in your own business, i.e., you work within the boundaries they [the client] have to work in, and you communicate the message within those boundaries but still aimed at getting the desired result – understanding and reaction to issues that may impact their business negatively.

Security people always seem to be in that quandary as to how best to communicate what they know about the security issues their organisation faces – Who will I upset? Should I be blunt with it? Should I sugar coat it? Should I downplay it? Should I just not say anything?

So what’s right?




Looking at the interest from around the world for Matt’s interview published on Ban.This.Url last month regarding the Australian Government mandatory Internet filtering plan. Not surprisingly, no calls to Securus Global from Senator Conroy’s department to discuss our position. But who are we anyway?

Matt took a different approach to most of the anti-filtering arguments, and what should have raised some concerns with the government has been brushed aside like all other arguments before it. One wonders if Conroy is planning to play this out until he gets the result he wants, i.e., trying to outstay the critics. Common sense would say this is a ridiculous position to take (as mentioned over and over here) but who knows what their real plans are. This hasn’t been a transparent exercise from the start. A few of the links worth a look. Heaps more on Google.

Beyond the Fringe
Somebody Think of the Children
The Inquirer
Government Security
Overclockers
Hack in the Box

Latest update here. I wonder if it will continue to be “delayed”? :-)



Happy New Year to you all who visit Beast or Buddha. 2009!….gees, 2008 went quick. I suppose everyone is saying that though. I’m still in Townsville and will probably be here until the end of January….a bit of holiday mixed in with a load of work. Securus Global has never been busier.

Optus isn’t making it easy for me though and you really begin to appreciate Internet access speeds in the bigger cities (though far from being world leading in Australia as I’ve mentioned before). I hear from others here that Telstra’s wireless broadband offering is not much better.

I don’t know why or how they can even sell it. It’s not reception that is the killer but rather the load. Most times you get bumped off and at best, you’re working with speeds slower than dial-up. Try loading a web page and you’re in for a 2 minute wait most of the time. The lady at the Optus shop quite openly mentioned, “Yeah…there’s only one tower servicing area X and it can’t cope with the load…pretty much the same everywhere!”. I suppose you’d have to ask, “Why do you keep selling this service up here then?” but you know it’s not going to help much. Given there’s only one other choice and that’s not that good either, what’s their incentive to improve things in the short term?

Big deal?! Not really….actually, I’m more worried about Australia’s slide from the top of the cricket world but that’s another story. Anyway, there’s worse things happening in the world and we’re in a lucky country so we should count our blessings. Normal transmission resumes soon……..
