If I really was as clever as people seem to think, I wouldn’t keep managing to create more work for myself. Some day, I will have done enough, but not today.
The trip to Kuwait went as well as it could have done, and I think I got my point across, but the end result is that I now have to do a whole bunch more work. Somehow I did not foresee that outcome – or maybe I did, but it remained subliminal…
At the moment I seem to be having very strange days. Each one certainly has some extremely positive points to it, and great foundations seem to be getting themselves laid for the future, but the present is just looking awfully busy.
The summer is passing quite quickly, and the temperatures aren’t getting so ridiculous as usual. Kuwait is a much hotter place than Dubai, and I have to admit it was pretty toasty up there. The wind was gusting, and you get this weird feeling when that happens, like you’re getting blasted with hot air followed by little jets of cold air. The “cold air” isn’t really cold, it’s just that the crazy hot air stops for a second, which gives the impression of coldness, even though it’s still well over 40 degrees.
Temperatures North of 60 Celsius are not unheard of in Kuwait. Ouchy!
I have a lot to get done before the end of the summer. One of my challenges right now is to find a spectrum analyzer with a detection range up to 18GHz that I can integrate with. I saw these and even nicer again I say these, but they’re pricey. I did find another that was ok, but only works up to 9.4GHz which is a little lower than the client is expecting. Personally I don’t think the 9.4 to 18GHz band is really of any interest to them, but you know what clients are like.
Today my time in the office was broken down into little two minute segments of work interspersed with much longer periods of interruption. I’m looking at my to-do list now and thinking like a lot of it looks like work for the weekend. Sigh
I had one of those odd pangs of insecurity today when the dog sitter sent me a text asking for the wireless password for the house so that he could use the internet while he’s dog sitting. Passwords creep me out they’re so incredibly nonsensical. You go through all the agonization of picking one that’s both memorable and gives you a green light for password strength on all the services, then when somebody needs to use your stuff you just give it away. It doesn’t matter how strong the damned thing is if you give it away!
Of course I could have set up another temporary one for this guy, but I was at the gate getting on my plane. I had to give away my Apple ID a couple of months ago so that we could set up a bunch of iPads we were giving away as corporate gifts. They all needed loading with a bunch of content via DropBox, so needed to add the App. The other guy helping had no Apple ID, so it was all me. I changed it immediately after we’d finished, of course, but then I was totally paranoid for a month afterwards wondering whether somehow somebody was stealing money off my credit card.
You see?? Cyber crime my arse! People steal things by stealing things, not by being a super black-hat mega-hacker.
Interestingly Ramadan doesn’t exist up in the sky – actually, it doesn’t exist in the airport either – and from what I saw in both the terminal and up in the air, there are plenty of Muslims who feel the same way.
Jasper has a little metal bone-shaped name tag with his name and a mobile phone number on the back, along with his Dubai Municipality tag – which is basically his dog license – which dangle from his collar but make no noise at all. That’s mostly because of all the fluff that’s also around Jasper’s neck, which tends to muffle things pretty well.
Nacho also has a name tag. His is shaped like Mickey Mouse’s head (I don’t know why) and also has his name, but has somebody else’s mobile number. We’ll get him a new one soon. He also has a funny little metal bone on his collar too, and when he moves around the entire assemblage jingles like one of Santa’s reindeer.
This is actually quite a good thing, because I can hear him wherever he is in the house and know whether he’s active or not, or whether he’s coming my way. When he first arrived with us this was really useful just to find him, because he’d be away hiding so much of the time. These days he doesn’t hide so much, but he still jumps up at the tiniest sound. He also follows me everywhere – which is the biggest bone of contention (hey…that was a doggie joke!) in the house, because with the rest of the family away I am the only source of attention for two attention seeking animals…and there’s only so much of me to go around!!
Over the last couple of days I’ve noticed that Nacho is managing to venture around and do his own thing a lot more than usual. I hear the jingling from the next room or another part of the house, so I know he’s doing something, but as soon as I move to go find out what it is, he hears me and comes running – then just stands and stares at me like it’s walk time or meal time or scratch under the chin time (and ANY time is scratch under the chin time in Nacho’s day planner).
But finally today – when I managed to persuade both Nacho and Jasper that I was actually asleep on the couch and hence ‘not really there’ – I got to see Nacho playing for the first time! Ok, he was playing on his own, but he was definitely playing. He had one of Jasper’s old rawhide bones and was batting it with his foot then prancing around it like it was going to run away. Then he’d spin around with his tail wagging and have a scratch, then do it again. This went on for a minute or so before he noticed I was watching him, then he got all embarrassed and came over to me for a chin scratch. This is huge progress. It’s the first sign that buried underneath all that neurosis and fear there actually is a dog personality that’s dieing to get out.
One week down. Three to go.
And yet…here I am in a state with no need for any of these draconian measures, virtually no crime on the streets and very little anti-social behavior.
One of the main reasons I originally left the UK was because I was tired of having one eye over my shoulder everywhere I went. I was tired of sitting in pubs wondering WHEN the fight was going to start rather than IF the fight was going to start. There’s a lot wrong with society, and no easy fixes. Can arming the police with these sorts of powers offer these fixes? I don’t think so.
The UK Government is about to pass legislation which will make any behaviour perceived to potentially ‘cause nuisance or annoyance’ a criminal offence. The Anti-Social Behaviour, Crime and Policing Bill also grants local authorities, police and even private security firms sweeping powers to bar citizens from assembling lawfully in public spaces. Those who refuse orders under the new rules will face arrest, fines and even prison time.
The Ever Increasing Powers
Since the Crime and Disorder Act 1998, which introduced Anti-Social Behaviour Orders (ASBOs) the government has invented and legislated for a litany of such orders covering everything from dog poo to drug addiction, including but not limited to: Control Orders; Terrorism Prevention and Investigation Measures Orders; Intervention Orders; Crack House Closure Orders; Premise Closure Orders; Brothel Closure Orders; Gang Related Violence Injunctions; Designated Public Place Orders; Special…
View original post 1,688 more words
Look at the size of these incidents…think of how many thousands of tiny information losses happen every day. Cyber security is not the answer. You need a Enterprise Risk Management strategy that integrates the whole organisation, and puts risk management at the head of the agenda instead of buries somewhere in the appendix.
It seems like companies these days are collecting more data on us than ever before. Every time you give that car dealership your email or give a store your zip code, you’ve given up a piece of yourself that can be used to uncover even more of your personal data. Your information is worth a lot, given how Facebook and Google make billions per year off it.
To use pretty much any piece of technology these days, you have to have a certain amount of trust in corporate America to do the right thing and safeguard the information it has on you. Of course, most companies do handle data responsibly. But there are bad guys out there – hackers, disgruntled employees and other assorted criminals – who are eager to exploit your data. And sometimes, even corporate computer security just isn’t enough to prevent a data leak.
View original post 232 more words
I just made chilli, and to be honest, eating it was the highlight of an otherwise unfulfilling week. It’s been a challenging to get into the swing of having the household to look after, now that Mrs SecurityGeezer has gone away for the summertime, leaving me here with Jasper and Nacho to psycho-analyze. It’s also been a bit of a challenge to get things done in the office. The last year has been spent getting some additional fitout work done there, and it’s just sort of dragged on a little, so now that we’ve imposed a deadline on ourselves, there’s been a lot of little things that have needed to be sorted.
Do you know how difficult it is to find a conference room table in glass that’s longer than 2.4m? Sheesh…
But what is also a somewhat exasperating is the market we’re in. It amazes me that we can work in this industry and this region for all these years, and with the wealth of experience accumulated within the walls of our organization we still frequently look at each other and shrug our shoulders, wondering what on earth will happen next. Life seems to consist of a constant cycle of meeting people you don’t trust but whom you have to take tiny leaps of faith, being introduced to dead-cert opportunities that turn out to be anything but, and working your way through a minefield of products and manufacturers that either don’t work or don’t understand the market.
This is a really nice infographic that popped up on a blog I follow, showing the 300 biggest data leaks in a lovely blobular representation. It feeds neatly into a topic I’ve been discussing a lot lately.
You look at this image and it’s obvious that lots and lots of data has been lost by lots and lots of organisations. These are just the biggest ones, so in amongst the blobs really there are millions of tinier blobs that represent the data loss that’s going on in companies all over the world all of the time. But who’s letting it happen? Security??
No – and this is possibly the most important point I can make in this or any other of my blog posts. Whilst organisations compartmentalize loss prevention into an isolated “Security” response, they will continue to fail to prevent the big blobs from appearing on this infographic.
When supermarkets “lose” tins of beans, it’s because beans that were part of the business’s inventory become not part of the inventory. That can be through theft or errors or damage. Beans that were on shelves move from the shelves to somewhere else. How do you prevent it from happening? Reduce theft by applying strong security methodologies, reduce errors by applying strong accounting methodologies, reduce damage by applying strong management methodologies.
When businesses “lose” data you cannot rationalize the situation down to a few simple scenarios. Imagine the business in question is a supermarket, and it loses the data on all of its online delivery shoppers. Same business – totally different problem – totally insoluble through simply implementing strong security, strong accounting or strong management, because the data wasn’t sitting on a shelf.
The uncertainty inherent in many of the more traditional crime prevention concepts resulted in the Situational Crime Prevention methodology developed by Ronald V Clarke. The idea here is that you can’t easily understand the motivations of a criminal, so you cannot outwit him by predicting his behavior. Instead, crime can be prevented by simply removing the opportunity for crime. Remove the asset. Limit access to the asset. Create an environment that discourages the commission of crime or places significant obstacles between the criminal and his quarry.
The end result of Situational Crime Prevention can often be displacement rather than prevention – but from the victim’s perspective, there is nothing wrong with displacement, because at least the victim is somebody else.
I’m proposing a similar set of countermeasures and crime preventing techniques that I’m calling Situational Cyber Crime Prevention.
Over coming blog posts I’m going to explain some of the principles of this approach.