HATHAWAY RESIGNS CYBERSECURITY POST

By D.E. Levine

Citing personal reasons, on August 24th Melissa Hathaway resigned as senior director for cyberspace. Hathaway was appointed by President Obama in February. Prior to her appointment she was a cybercoordination executive for the Office of the Director of National Intelligence.

Directed to conduct a 60-day review of cybersecurity preparedness across the federal government, Hathaway completed her report in May 2009 and called on government officials to take several steps to enhance and bolster cybersecurity.

A major recommendation was the establishment of a cybersecurity officer within the executive offices of the President. This officer would oversee and enforce development and implementation of a new national cybersecuritry policy.

Under the Bush administration Hathaway headed the National Cyber Study Group, a multiagency group instrumental in developing the highly classified expensive (multibillion-dollar) National Cyber Security Initiative (NCSI). President Bush approved this initiative in 2008 and Hathaway was in charge of coordinating and monitoring the CNCI's implementation until her reassignment.

After receiving her report in May, President Obama announced he would appoint a White House cybersecurity czar but thus far hasn't named anyone. Hathway's leaving raises the need to find and appoint someone permanent.

It has been suggested that knowing she wasn't going to get the top job, Hathaway decided to capitalize on her high visibility and will probably go to a security consulting firm.

INFORMATION GOVERNANCE IS A MUST

By K.C. Bishope

We are living in a very challenging economic climate. Nobody can afford to spend money. Privately we learn how to make due with what we have, going without other items that will produce expenditures.

However, in business environments we look for ways to cut costs in our day-to-day environments. We are constantly under pressure to increase productivity and the value of resources.

Currently we're creating more electronic data than ever. Worldwide analysts have estimated an increase of 60% annually. Customers and colleagues are always complaining that there's just "too much information" with which to deal.

Who among us doesn't spend an inordinate amount of time managing e-mail on a daily basis? If we don't manage it daily it mounts up and becomes unmanageable.

When you need to find something, even with archiving systems, how long does it take to locate the document or email?

The question is where do we begin when we speak about managing electronic information?

Information governance, a pro-active, policy-driven information management strategy is a practical way to manage electronic information. By integrating business objectives with information management policies, information governance addresses regulatory compliance, privacy and e-discovery mandates, and corporate governance.

The foundations of information governance are in risk and compliance initiatives (GRC) that are being developed by companies in an effort to apply enforceable, consistent, repeatable and defensible policies.

This system only works if the various constituents from different departments, come together to work in tandem.

Getting consensus between group members from the different departments is very challenging and very difficult to achieve. But an effective information governance system provides for the management of information growth, management of access to data, and reduction of risk.

The heart of each of these challenges is policy. The most effective information governance involves carrying policies forward consistently with enabling technologies. At the core are foundational technologies including security, access control, classification, search, retention policy management, archiving and content management.

COOL BLUE RUNS COOL TWITTER CONFERENCES

By D.E. Levine

When Bob Fine started the Cool Blue Company, LLC to promote the use of Twitter, it was a gamble since no one had tried to make money promoting Twitter before.

Now his company is running a series of Cool Twitter Conferences cross country and proving that there's not only interest, but significant growth in Twitter.

Starting an hour early with a Boot Camp for beginning Twitterers, which explains what Twitter is and how the utility can be used, the Conference itself consists of a series of guest speakers from companies that are using Twitter to promote and enhance their businesses.

There are some fascinating stories, told in brief vignettes by people who can show significant growth in their businesses and enhanced customer relations through the steady use of Twitter.

It's all pretty impressive and definitely points to an relatively untapped market where using Twitter can significantly and positively impact business.

CRIMEDEX 2.0 TOOL FIGHTS THEFT ONLINE

By D.E. Levine

CrimeDex was introduced in 2001. It provided software that allowed 1,000 agency users to collaborate on criminal investigations via email and monthly meetings.

This Fall The (MVFCN) Merrimack Valley Financial Crime Network will start using CrimeDex 2.0. The upgraded produce will incorporate new features that will allow users to search a Web-driven database of 14,000+ criminal suspects and expedite investigations by uploading, sharing and managing images and video clips.

In addition the new release will allow the creation of member groups, distribution of e-mail alerts, interact via a dedicated portal, access individual member profiles and share a group discussion board and calendar.

According to CrimeDex officials, the upgraded version will increase cost effectiveness and efficiency allowing subscribers to not only solve crimes, but to prevent fraud and theft and catch repeat offenders.

DR NEEDS VIRTUALIZATION

By M.S. Welles

Remote disaster recovery can be handled by many virtualization capabilities and more and more companies are realizing this and adopting virtualization to handle their disaster recovery needs.

By placing servers and consolidating secondary storage at a disaster recovery location, companies are having great success in creating disaster recovery plans that are faster, within set deadlines and avoid massive physical change out of actual storage units.

Some companies claim that they have cut back up time for data in half, although they're still backing up the same or more data.

More and more companies are also using virtual machine backups on backup proxy servers that can be moved to other company locations when necessitated by weather or topography conditions.

NAC COMPANIES CHANGING

By D.E. Levine

Even as the need for security grows, it's a sign of the time that network access control (NAC) companies are either going out of business, being bought by other companies or changing directions.

NAC was introduced in 2003 and now one of the business pioneers, ConSentry, has gone out of business. ConSentry began by selling NAC gear embedded in intelligent switches.

Although it changed it's marketing strategy to reflect other functionality, the company was in a battle against the major switching vendors and ConSentry lost the battle.

ORACLE-SUN DEAL APPROVED BY DOJ

By M.S. Welles

The Department of Justice has approved Oracle's $7.4 billion acquisition of Sun, but European regulators still have to bless the deal for it to go through. Sun shareholders approved the deal on July 16th. If and when the acquisition goes through, Oracle will get an array of new assets that include MySQL database, the Java programming language and a stake in the computer hardware market.

CRIMINAL RECORD DETECTION IN CURRENT TIMES

By D.E. Levine

Unemployment is up and people currently seeking jobs include the best and the brightest, laid off through no fault of their own, but because of economic cutbacks, company failures, and political changes.

Employers now face an interesting and very serious problem of how to verify whether an applicant has a criminal record.

An applicant with a criminal record in the state where they're applying, or another state, may slip through because without access to FBI records employers must depend on resources or individual states and their political subdivisions.

Checking all the counties and states where an applicant may have lived or worked is extremely difficult. Frequently employers never find out about criminal history unless an applicant discloses it.

We live in a mobile society where people move for different reasons and live and work in different areas of the country and the world throughout the course of their lives and working careers.

Most employers don't have access to FBI files in their Criminal Justice Information Services Division or the National Instant Criminal Background Check.

However, the National Criminal File Search gathers information from multiple criminal records in over 3,000 local jurisdictions in 42 states plus the records of the U.S. Treasury's Office of Foreign Asset Control list; FBI most wanted terrorist and fugitives, many additional federal lists an many additional state and local law enforcement agency lists. Updated on a monthly basis, this information is Fair Credit Reporting Act compliant.

It's not advisable to use the National Criminal File Search as the primary means of checking for criminal records. Background checks still require Social Security number verification and a targeted county criminal court search in locations where the individual has lived and worked.

Thorough, accurate screening and verification of prospective employees at every level is a real necessity in the changing world. Failure to conduct pre-employment screening and eliminating unstable and unreliable employees could result in financial losses, disruptions to the work environment, and potential liability issues.

POSSIBLE FLASH STORAGE BOON

By K.C. Bishope

Executives of Web-based companies say that flash storage technologies are vital to the future of the businesses.

Since spinning disks haven't speeded up sufficiently to handle current needs, the industry is looking to flash technologies for a solution for the need for speed. Experts predict that flash will have a tremendous impact on infrastructure as well as storage.

Because flash storage doesn't have to spin a disk to access particular data, flash storage is much faster than hard disk drives. Data can be read from flash technologies in just a millisecond, as compared to several milliseconds with a traditional hard disk drive.

One of the technologies where it would seem an obvious benefit is within the data centers of cloud-based companies and where the data centers are very, very big. Solid State Disk drives (SSD) should be particularly popular.

In addition to speed it's predicted that flash storage could provide gains in reliability, lowered power use and saved space. The replacement of traditional storage with flash storage could mean companies would switch from 2U servers to shorter 1U servers.

Some companies like My Space and Facebook expect to use flash technology to cache frequently used data and maintain indexes for searches. But the companies are careful to say that only one-twentieth of all data would be stored on flash because there are currently no baselines on how long flash data will last.

IBM is about to offer SSD as a storage alternative. EMC is already offering it. Other companies are combining SSD for it's own internal use and for offering to clients.

CLEAR BECOMES VERY UNCLEAR

By D.E. Levine

For those travelers holding Clear cards for the TSA approved registered traveler programs, the future appears very dark. Verified Identity Pass, the company that operated the program, shut down company operations on June 22, 2009 and closed all of its security lanes.

Financial problems appeared to be the problem according to the company Web site that stated the company wasn't able to negotiate an agreement with its senior creditor to continue operations.

Vigilant Solutions, a company that runs the Preferred Traveler program, another TSA-approved Registered Traveler program posted a notice on its Web site stating that they are not Clear, and while interoperational with all Clear lanes they will continue to operate on a limited basis.

According to TSA spokespersons, the shutting down of Clear will impact the 250,000 frequent fliers who signed up for the service but will not impact overall TSA security.

INJUNCTION AGAINST MICROSOFT WILL CAUSE CHAOS

By M.S. Welles

When U.S. District Court Judge Leonard Davis issued an injunction preventing Microsoft from selling Word in the U.S. after October 10, 2010, he may not have been aware of the impact.

The injunction was issued and Microsoft was ordered to pay $290 million in damages and interest to i4i Inc. a Toronto-based company whose technology allows Word 2003, Word 2007 and Word for Mac 2008 to create custom XML documents.

Microsoft claims that the injunction will cause "massive disruption" to sales of Office software and also negatively impact key partners like Hewlett Packard Co., Dell, Inc., and Best Buy Co.

Claiming that in addition to sales disruption Microsoft can never recoup the funds expended for redesigning and redistributing Word. In essence, Microsoft is claiming irreparable damage if Office, the centerpiece of its product line, is kept out of the market for months.

Judge Davis, however, issued a 65-page summary opinion saying that Microsoft knew of i4i's patented technology as early as 2001 and deliberately set out to make the Canadian developer's software obsolete by adding a custom XML feature into Word.

CHINA SEEKS CUT IN LENOVO

By K.C. Bishope

The Chinese Academy of Sciences has a 65% holding in Legend Holdings Ltd. Legend is the parent company of Lenovo Group Ltd. The state-run Chinese Academy is looking for a sale of 29%, reducing the academy's holdings to 35%.

While willing to sell part of it's stake, there are restrictions in that the buyer must agree not to resell its stake, propose changes to Lenovo's executive base, or alter Lenovo's strategy for five years after the purchase.

MOZILLA REQUESTS REJECTION OF WINDOWS 7 PLAN BY EU

By M.S.Welles

Mozilla Foundations representative are urging European Union antitrust regulators to require something in addition to the ballot screen Microsoft intends to offer Window 7 users.

Microsoft has stated that to ease concerns over market domination, European users would be provided with a choice of web browsers with Windows 7.

According to Mozilla, IE will still enjoy a most-favored browser status even if the ballot screen is adopted. The Foundation also stated that because of IE ties to other Microsoft products like Office while other browsers have to be downloaded,

Additionally, Mozilla would like to see Microsoft extend its EU plans to other countries around the world. EU regulators, while not setting a timetable for resolution of the matter, expect resolution before the end of October.

CHIPS PLUS DNA

By K.C.Bishope

Can combining DNA molecules with nanotechnology create better computer chips? IBM seems to think so and is currently experimenting with combining the two to create tiny circuits that might form the basis for smaller, more energy-efficient, more powerful chips. These chips would also be easier and cheaper to manufacture.

According to IBM, the DNA molecules are used as scaffolding to enable carbon nanotubes to assemble themselves into very precise patterns. Greater precision in the design and manufacture of chips is achieved by self-assembly of the DNA structures.

Of course, while it all sounds like a great idea, IBM research scientists admit that implementation of the concept is still years away. But there are great expectations about the ability to significantly cut chip-building costs through the combination of biological processes and building blocks.

BUDGET CUTS HIT SECURITY

By D.E.Levine

The current economic crisis has affected everyone, including security practitioners. More than 50 percent of these security practitioners reported a 17 percent budget reduction from fiscal 2008 to fiscal 2009.

A survey completed by 259 participants reported most reductions were in contract services/consulting (46%), capital projects/equipment (48%), training and conferences (52%),and business travel (5%). A decrease in security staffing was reported by only 34%.

Security has always had a difficult time getting management to recognize its importance from a business perspective and getting adequate funding. With the economy in a crunch, the budget, most specifically the security budget, has been squeezed hard.

Some security leaders attempt to create an image where they are viewed more as a value center than a cost center. However, generally security is viewed as an expense or cost and not a revenue generating area.

As budgets are being cut, security incidents are increasing, especially those of theft and fraud.