Blog: SANS Security Trend Line

Twelve Word Tuesday: Facebook, Twitter Et Al Buying Small Security Companies - Does Security Actually Increase?

More secure social media sites should mean safer user data - how provable?

Facebook Acquires PrivateCore
Twitter Acquired Dasient in 2012

Twelve Word Tuesday: Russia Bans Anonymous Public WiFi, Will Sunscreen Be Next?

Internet anonymity and skin cancer are dangerous. But, are the cures worse?

Russia bans anonymous WiFi access.

Is Sun Screen a Life Saver or a Poison?


CyberSecurity Questions CEOs and Boards Should Ask Learning From GMs Ignition Switch Disaster

Back in 2002 a GM engineer a GM engineer selected an ignition switch for several GM models "that was so far below GM's own specifications that it failed to keep the car powered on in circumstances that drivers could encounter, resulting in moving stalls on the highway as well as loss of power on rough terrain a driver might confront moments before a crash." That bad decision, as well as nearly a decade of operational mistakes and lack of management oversight, has cost GM over $2.5B in costs to date and may exceed $5B overall.

Cybersecurity incidents (such as the recent Target credit card data exposure that resulted in the resignation of both the CEO and the CIO and an estimated direct cost of over $1B) often have similar roots in bad operational decisions, poorly trained staff and lack of visibility at the senior management and board level into cyber-risks that can lead to significant business impact.

Based on the Valukas report that detailed GM's management


Twelve Word Tuesday: Evergreen Headline "New Technology X Impedes Security Process Y" Drives Need for New Security Process Z

Has old Security Process Y Ever Won? Maybe once (CALEA) - usually not.


Twelve Word Tuesday: Looking for Security Tea Leaves in New Microsoft CEO's "Bold Ambition & Our Core" Missive

Satya Nadella's letter to employeesmentions cloud 7x more often than security.

Microsoft CEO letter here