That your technology strategy should be driven by business is a truism. We all know this -  architecture, strategy and IT overall should be driven by business needs, strategies and outcomes.

A few months ago I wrote about the rising visibility and responsibility of risk management professionals, linking to articles about the growing demand for risk training and talent. Along that train of thought, I was just able to get to this month’s edition of Risk Management, which along with a great photographic review of the last year in risk management, has an article outlining the progress the profession has made over the last decade. It’s interesting to think that 10 years ago risk management was a much smaller discipline focused on relatively narrow problems like the Y2K software flaw. Things have changed a lot.

Case in point, the SEC announced this week the approval of new rules that will, among other things, require companies to disclose the relationship between their compensation policies and risk management, as well as describe the board of directors’ role in risk oversight.

Understanding what compensation policies have a material impact on an organization’s risk and developing policies for board-level oversight of risk will require guidance from internal and/or external risk experts... good news for any risk experts who appreciate gainful employment. And of course, many additional regulations and SEC rules expected to come together early next year are also likely to continue this trend.

A while back, I blogged on how researchers have developed tools to intercept streaming video from video conferencing systems and IP surveillance cameras. Today I feel so prescient with the Wall Street Journal's article on how Iraqi insurgents are using similar software to intercept the video feed of Predator Drones.

The article has the catchy subtitle "$26 Software Is Used to Breach Key Weapons in Iraq; Iranian Backing Suspected." It discusses how the insurgents are using the software to intercept the Drone's unencrypted video stream, "potentially providing them with information they need to evade or monitor U.S. military operations."

According to the article, the military has been aware that this type of attack was posssible for some time: "The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."

Let's hope that the Pentagon has learned what happens when you ass-u-me things...

Last week, Facebook upgraded its privacy settings. I am sure by now many of you have gone through the new privacy setting wizard. But do you know all the ins and outs of the new settings and how to navigate them?

In general, the new Facebook privacy setting menu is easy to use and straightforward. Some of the new options Facebook provides are positive changes. For instance, you can now hide a wall post to specific individuals (or make them visible to specific individuals). This level of fine-grained control was not available before, which is a welcome change.

However, in the course of migrating to the new privacy settings, Facebook has made several categories of information visible by default to “Everyone.” If you didn’t actively manage your privacy settings through this new migration, some of your information, such as Family and Relationship, Education and Work, and your posts will be left visible to everyone, regardless of what your previous privacy settings were.

Another puzzling thing is that Facebook apparently does not think the ability to control who can see your “Friends list” belongs in privacy settings. Moreover, they’ve made everybody’s Friends list visible to the world by default. To turn that off, you have to go to your profile page and click the little crayon icon next to your friends list to unselect the “Show Friend List to everyone” option. If you have previously hidden your Friend list from public view, they are now free for all to see unless you did the little trick with the crayon icon! Even worse, your Friend list will now show up in search engine results.