Should Your CIO Learn to Code?

By Frederick Scholl | November 10, 2017 |

This topic came up because of two recent headlines and one new book. The first was the news that the now former Equifax CISO was a music major, without formal college level tech or security training. The second was the recent article in the WSJ highlighting Bank of America’s new Chief Operations and Technology Officer, Cathy Bessant. …

Read More

Long Term Beneficiaries of WannaCry

By Frederick Scholl | May 17, 2017 |

The current worldwide attack from WannaCry is going to have a lasting impact on information security. The question is: what will that be and who will benefit? In this blog post, I will take a contrarian viewpoint and suggest that it will not be beneficial to security practitioners or security businesses. I think business leaders,…

Read More

RISK: A NEW MOVIE ABOUT JULIAN ASSANGE

By Frederick Scholl | May 8, 2017 |

Last night I went to a screening of Laura Poitras’s movie about Julian Assange. If you are interested in national security, I highly recommend the film.  I had expected a big crowd, but Nashville’s Belcourt was only about 20% full. Love WikiLeaks or hate WikiLeaks, it is likely Assange will continue to be in the…

Read More

TRADE SECRET THEFT CONTINUES UNABATED

By Frederick Scholl | April 12, 2017 |

One of the biggest cyber threats that many US companies face is the theft of their intellectual property (IP).  This includes trade secrets, patents, software, and copies of tangible goods.  The recently released “Update to the IP Commission Report” gives tangible, current information on all four categories.  The original report was published in 2013 amidst…

Read More

TENNESSEE LEGISLATORS MUDDY WATERS AROUND PRIVACY BREACH NOTIFICATION REQUIREMENTS

By Frederick Scholl | April 6, 2017 |

The Tennessee legislature recently passed a modification to the state privacy breach notification requirements, § 47-18-2107.  The modification has been sent to the governor for signature.  Unfortunately, the modification just confuses the law’s requirements. The existing code says that a breach notification is required if “unauthorized acquisition of unencrypted computerized data” takes place.  The breach…

Read More

Data Governance Anyone?

By Frederick Scholl | January 28, 2011 |

I recently had a scary experience with Amazon.  I regularly order items on this site, and have not had significant problems.  However, yesterday was different.  I was ordering an emergency flashlight and four way travel powerstrip and about to complete my order, when I noticed that the shipping charges totalled $1055.44. See the screenshot to…

Read More