If consumers weren’t skittish enough, Home Depot recently joined the rapidly lengthening list of big box retailers experiencing sometimes prolonged data breaches: Albertson’s, Dairy Queen, The UPS Store, Sally Beauty, Target, Michael’s, Neiman Marcus, P.F. Chang’s and SuperValu.
More than a few Chief Information Security Officers (CISO) must be nervous. In fact, it may be forcing corporations who do not have a CISO to rethink that strategy. Often the CISO position is folded in with or serves under the Chief Information Officer (CIO) or even, if the CIO reports to the Chief Financial Officer (CFO), as is the case in some organizations, two layers under the seat of power. So, the person charged with security risk management may not have the authority to get things done.
With the recent spate of high-profile data breaches, translating the message up the chain or even the perception that the CISO’s job is not important enough to be a direct report may not cut it anymore. Shareholders and customers want answers.
Consumers also are flocking to convenient online sites, where they have few other choices than to use a credit or debit card.
Data breaches, whether prolonged or short-lived, especially those that compromise customer information, are black eyes that eventually will force consumers to keep their credit and debit cards at home. Having the man or woman in charge of mitigating IT risk fairly far down the food chain doesn’t look good, no matter whose ear he or she may have.
Michael Daniel, the current White House cybersecurity coordinator, recently admitted to lacking technical know-how; i.e. he can’t code and doesn’t feel the need to learn to do so. Those who have the technical expertise and think it’s important have lit up the Internet with their cries, making it clear that they do not approve.
Does it matter that Michael Daniel can’t code?
Doug Hendricks, security manager at Sun Microsystems, passed away a few weeks ago.
Doug started his security career working for a security integrator and worked his way to the end-user side of the business over a 27-year period. He started his security career working for CMC in San Jose as a Project Manager on the Lockheed Space and Missile access control project.
CMC was acquired by JWP and Doug transferred to JWP’s Bay Area office where he ran numerous large projects including the BART CCTV project and the Pelican Bay State Prison CCTV project. He had responsibility for engineering and managing the installation of the CCTV, intercom, guard panic and MATV systems.
In 1991, Doug joined Integrated Security Control Systems (ISCS). He was project manager for the Federal Reserve Bank of San Francisco project, where his CCTV design became the standard for many Federal Reserve Banks. Doug then managed a large CCTV installation at Silicon Graphics Corporation. As ISCS’s security contract for Sun Microsystems grew, Doug became the Project Manager at Sun’s Bay Area facilities and then became ISCS’s Support Services Manager at Sun Microsystems.
Doug was offered and accepted the position of Manager of Security Systems working directly for Sun Microsystems. In this role he managed Sun’s global access control systems and assisted with developing the current security systems standards, the “Alarm Reduction Program”, the executive protection program, and the “One Badge” project for global access. His latest project, which he engineered and managed, was the access control system conversion from GE/Infographic Systems to GE/CASI Picture Perfect 4.0 System for all Sun's locations globally.
We will miss Doug.
Sorry my phone didn’t have better resolution. Each of the three days of the Expo Seguridad conference, this woman was painted in very tasteful, beautiful ways. Each time with a security theme. The third day was the best. She was painted as a Borg, with a video camera as an eye. The sponsoring vendor is Sermex, a Mexican security products distributor.
Is he evil? Ask some manufacturers and they'll say yes, emphatically. Ask privacy advocates, and they'll praise him for exposing the seeds of Big Brother. Chris Pajet didn't stop at cloning your HID prox card while standing next to you in line at the 7-Eleven.* Now he has begun war-driving through San Francisco, gleaning RFID tags from US Passports. This is another assault on the Western Hemisphere Travel Initiative. Read about it here.
White hats like Chris find the holes in our tech infrastructure that the bad guys also find. I'd rather know about it than keep my head in the sand. Besides, these problems are usually fixable, so let's fix the problems and not ignore them.
*not sure if he ever did that, but the cloning device he showed me sure could have been used that way.
A reputable news agency reported on Apple’s revolutionary keyboardless laptop.
We all wondered how long the Pelco Jet would keep flying. To many it was the symbol of inefficiency, pegging Pelco as an old-fashioned company out of touch with its environment. For years the Pelco jet served a purpose, though. It would whisk away Pelco executives, customers and partners to a higher level, helping to solidify sometimes tenuous relationships and removing competitors from the conversation. Pelco really knew how to schmooze its constituents.
Pelco bucks and other perks for the Pelco family bred loyalty, to be sure, but they cost a lot of money. SecurityDreamer has heard that they are gone now, along with the days of high flying customer courtships.
Watch for news of high flying executives at TAC and Pelco, too.
Pelco is being run like a business now.