I published the following diary on isc.sans.org: “Data Classification For the Masses“. Data classification isn’t a brand new topic. For a long time, international organizations or military are doing “data classificationâ€. It can be defined as: “A set of processes and tools to help the organization to know what data
I remember this evening… More than two years ago, at RSA Europe, I was sitting in the hotel bar with my friends Craig Balding and Brian Honan talking about everything and nothing. Which topic was at the source of this? It’s too old but I had the idea to register
My privacy, your privacy are key requirements in our (online) life! Nobody enjoys seeing personal data used by unauthorized people. Let me tell you a story that happened to me today. I visited the website of a well-known vendor to grab some information about its products. When you’d like to
I’m just back from the last ISSA Belgium event organized tonight at Verizon premises. Wade Baker, director of risk intelligence for Verizon and creator, author and primary analyst for Verizon’s DBIR series, presented the analysis, findings and recommendations of the 2011 version of Verizon’s DBIR. If you are an infosec
Information security is a recurrent process. New threats arise and must be properly handled. In Augustus 2009, I already reported a story and came to the following conclusion: The principle of “action – reaction” as described by Newton is not applicable in information security! Here is another good example with
There is an ongoing communication campaign for a big interim company on the Belgian radio stations. The message they are broadcasting is: “Do not rely on your company physical assets but more on people“. And they are right! People are the most important value of a company. Even if you,
The 2010 edition of the Data Privacy Day will be held on the January, 28th. This initiative has a dedicated website: dataprivacyday2010.org. The goal is to create more awareness about your online privacy: “Data Privacy Day is an international celebration of the dignity of the individual expressed through personal information.
Data leakage is a major risk for many organizations today. As more and more data are used in a digital format, it’s easy to copy them or send them outside the security perimeter. Leaked data can have a major impact on the business (loss of revenue, loss of confidentiality or
