Viewing posts tagged Security and Economics
risk-and-effectiveness-for-project-evaluation
Posted by: admin 11 years, 6 months ago
Gunnar Peterson has a post from Metricon about Bryan Ware's presentation about combining the effectiveness of a solution and the risk involved. I couldn't find the link to the actualy presentation. (I didn't have the time to go through them all.)
I think I would tie the effectiveness of the proposed security solution to the cost of capital of the overall project. It would be interesting to tie Bryan's work with my "work" on estimating the cost of capital for an information security project.
incentive-plan-for-an-information-security-team
Posted by: admin 11 years, 6 months ago
It has occurred to me that you could develop an interesting incentive program for an information security team, assuming that you believe a couple of data points (or can come up with your own) and your primary concern is a data breach. In my opinion, security people are all too often incented only to maintain security - not to optimize the investment in security. Interests need to be aligned.
response-to-responses-incentive-plans-for
Posted by: admin 11 years, 6 months ago
My recent (assumption laden and simplistic) post on incentive plans for an information security team was picked up by Adam and subsequently poked at by mordaxus and then piled on by Mike Rothman.
punishment-and-security
Posted by: admin 11 years, 6 months ago
There is a very article in the NY Times about how groups can profit by punishing members, in particular, by punishing free riders.
In the experiment, investigators at the University of Erfurt in Germany enrolled 84 students in the investment game and gave them 20 tokens apiece to start. In each round of the game, every participant decided whether to hold on to the tokens or invest some of them in a fund whose guaranteed profit was distributed equally among all members of the group, including the "free riders" who sat on their money. Because the profit was determined by a multiple of the tokens invested, each participant who contributed to the fund enjoyed less of a return than if the free riders had done so as well.
hedge-fund-management-and-information-security
Posted by: admin 11 years, 6 months ago
Been a long time since I posted anything. I'm trying to get back into the swing.Recent Posts
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
- Scalability improvements in version 5.0 of the WiKID Strong Authentication server
- 5.0 Released!
- Docker repository for the WiKID Strong Authentication server
- New Amazon EC2 image on marketplace
Archive
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)