Apr 29 2011

Top Five Hollywood Hacker Movies

Category: cyber security, Information Security | DISC @ 11:23 am

In movies the hacker tries to hack into a Department of Defense computer by speed-typing passwords. We all know reality is nothing like this and we see it as the joke that it is.

But business management doesn’t see the inherent risks as affecting the business bottom line, only as a hindrance to another new project; they don’t see the research, the probing, the social engineering, risk impact, risk probability and overall risk as security professionals do. It is our job as security professionals to show the risks to management in business terms so they can make a reasonable decision based on the business risk threshold rather than on the hindrance to the bottom line. Remember, the return on investment in security is part of doing business; it’s about reducing risks on an ongoing basis and keeping the company profitable on a long-term basis (keep making the money).

Emphasize management’s accountability for the risk and, most importantly, for residual risks (the risk remaining after implementing a control). Put the onus on the Information Asset Owner, who should be at the management level, not a member of the technical staff (may delegate responsibilities in small companies). Make clear recommendations but let them make the key decisions AND make them accountable if things go wrong.

So yes, management is more impressed by flash and glamour, because they know and are good at analyzing business risks but treat security risks as inhibiting their new project, and may prefer to accept the risks rather than take the time to address the issue, which should be a corrective control to mitigate the existing risk to an acceptable level.

What do you think: do Hollywood movies add any value by emphasizing information security risks as a threat to business folks, or are they just fictional stories that make business people ignore the information security threat?

Which one is your favorite hacker movie?

Below are the top three hacker movies:

3-Hackers, 2-Untraceable, 1-WarGames

Tags: Business, Cinema of the United States, Hollywood, Information Security, Management, Risk, United States Department of Defense, WarGames

Mar 13 2011

Lessons from Anonymous on cyberwar

Category: cyber security, Cybercrime | DISC @ 11:44 am

By Haroon Meer
A cyberwar is brewing, and Anonymous reprisal attacks on HBGary Federal show how deep the war goes

“Cyberwar” is a heavily loaded term, which conjures up Hollywood-inspired images of hackers causing oil refineries to explode.

Some security celebrities came out very strongly against the thought of it, claiming that cyberwar was less science, and more science fiction.

Last year on May 21, the United States Cyber Command (USCYBERCOM) reported reaching initial operational capability, and news stories abound of US soldiers undergoing basic cyber training, which all point to the idea that traditional superpowers are starting to explore this arena.

Recent activities with one government contractor and Anonymous, however, show clearly that cyber operations have been going on for a long while, and that the private sector has been only too ready to fill the cyber mercenary role for piles of cash.

To read the remaining article and Anonymous vs. HBGary

Tags: Anonymous (group), cyberwarfare, Haroon, Hollywood, Loaded language, Oil refinery, Organisation for Economic Co-operation and Development, United States Cyber Command