Skip to main content

The WiKID Blog

Viewing posts tagged Security and Economics

what-is-the-opposite-of-a-moral-hazzard

According to a recent study by researchers from my alma mater, the University of Virginia, the use of cameras to fine motorists who run red lights actually increases the number of accidents at those intersections. There are fewer T-bone collisions, but more rear-end collisions.

where-are-you-on-the-normal-curve-of-information

I recently was goaded into joining the IT Policy Compliance Group so I could read their research report entitled Taking Action to Protect Sensitive Data.

why-roi-is-a-crappy-measure-for-information

At a number of recent events and discussion forums the topic of ‘selling’ security investments to top management has been addressed. The question posed is that if there is no positive return from a security investment, how do security professionals propose a security solution to a CFO or CEO? What is the return on a strong authentication, a firewall or IDS system that neither saves money (except perhaps in employee time, an argument that may fall on deaf ears) nor generates revenue? Importantly to me, how can you justify the investment in strong authentication? The answer lies in what really creates value for an enterprise.

willingness-to-take-risk-a-learned-trait-corporate

Cognitive Daily pointed me to an article about risk preferences and it's deceptive headline. The research is interesting to from two perspectives:

"With regard to willingness to take risks children are astonishingly similar to their parents," is how the Bonn economist Professor Armin Falk sums up the results. "This is not only true for the overall estimate, but also for the different categories. There are people, for example, for whom no mogul piste is too steep when skiing, but who invest their money in secure government bonds. An identical risk profile can often be found with their children."
From a corporate standpoint, it would seem to indicated that while a company (as represented by it's senior management and employees) may be very conservative in its investment strategy, it may be willing to take enormous risks in information security.

the-externalities-of-dns-configuration

According to a recent study by DNS appliance maker Infoblox, over 50% of the Internet's domain name servers allow recursive name services - requiring a name server to relay requests to other name servers. If an attacker "poisons" the list of name servers, users are directed to a fake site, even if they manually enter the correct web-address.

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom