Unusual Data Breaches, and other posts
I am a guest blogger at a number of other sites. Here is a sampling a some of my recent posts.
The greatest threat to data is also the least studied
Physical loss of information was difficult to quantify, so said the editors of the 2014 Verizon Data Breach Investigations Report (DBIR2014) that came out this month. That imprecision is why your cyber security precautions mean squat against the gargantuan physical risk you face.
The report, anxiously awaited each Spring, this year included a summary of ten years of breach data. Among the findings is a section on Physical theft and loss. The editors described physical loss of information not sexy and “cyber-y,” and the numbers about this type of information leakage a little iffy. However, they rightly point out that physical loss is among the most common causes of data loss/exposure.
In short, they claim that one of the most common types of information loss is also the least measurable. Read it here
Balanced Scorecard for Security
Security executives who’ve used the Balanced Scorecard over the years, set their IT budgets by first determining the strategic role that security will play in the organization, then established a companywide funding level that enables security programs to fulfill that objective. Since the first step in implementing a Balanced Scorecard starts with strategy, it follows that this can be an effective method for aligning security with that strategy. Read it here.