Force Multipliers - What Security & Risk Professionals Can Learn From Special Forces

Rick Holland

Last week I read an article on wired.com’s Danger Room blog about the elite US military Special Forces command, JSOC.  The units within the Joint Special Operations Command (Delta Force and Seal Team 6) are responsible for the most clandestine and sensitive US military operations, including the Bin Laden raid into Pakistan last year. JSOC is very similar to elite Special Forces (SF) units across the globe including: the Russian Spetnaz, British SAS, French Naval Commandos, and the Israeli Shayetet 13.  These SF units are capable of addressing asymmetric threats that traditional military units aren’t prepared to handle.

In the article, Spencer Ackerman interviews Marc Ambinder, one of the authors of The Command about JSOC. The article piqued my interest and I just finished reading the eBook. Like almost everything I do, I considered the information security implications as I read it.  Today’s infosec threat landscape is dominated by unconventional threats that are difficult to address. How can we leverage the techniques utilized by SF to deal with the cyber threats we face today?  I realize that we have an international audience, and my point isn’t to focus on US policy, but rather to take a deeper look at the unique capabilities of SF units and what lessons we can apply in our roles as S&R professionals.

Read more

Categories:

Epsilon's Data Breach Raises Awareness Of Cyber Crime

Shar VanBoskirk

By now, you've all heard about Epsilon's April 1 data breach — an unauthorized party accessed a subset of Epsilon's email clients' data. My colleague Dave Frankland outlines the circumstances of the incident and its implications on Customer Intelligence and data security in his blog post immediately following the incident.

I attended Epsilon's Customer Symposium in Naples, Fla., last week, and I wanted to pipe in with some commentary based on what was addressed directly by Epsilon at the event.

Marketers: The way I would look at this is "if a data breach can happen to Epsilon — a firm which specializes in data and data management — it can definitely happen to me." We learned from Bryan Sartin, director of investigative services, Verizon Business Security Solutions, and Mick Walsh, supervisor, Miami Electronic Crime Task Force, US Secret Service, that electronic crime is a huge and growing business, due in part to the ease of access to consumer information online and the ease of access to the data black market through online search engines. Three-quarters of cases of electronic crimes executed through malware come from data disclosed through Facebook.

Note that most cyber crimes:

Read more

Unlock The Value Of Your Data With Azure DataMarket

James Staten

If the next eBay blasts onto the scene but no one sees it happen, does it make a sound? Bob Muglia, in his keynote yesterday at the Microsoft Professional Developers Conference, announced a slew of enhancements for the Windows Azure cloud platform but glossed over a new feature that may turn out to be more valuable to your business than the entire platform-as-a-service (PaaS) market. That feature (so poorly positioned as an “aisle” in the Windows Azure Marketplace) is Azure DataMarket, the former Project Dallas. The basics of this offering are pretty underwhelming – it’s a place where data sets can be stored and accessed, much like Public Data Sets on Amazon Web Services and those hosted by Google labs. But what makes Microsoft’s offering different is the mechanisms around these data sets that make access and monetization far easier.

Read more