tag:blogger.com,1999:blog-53861740853229398732024-02-18T20:12:46.834-08:00Cyber InsightsCyber Insights provides thought leadership, commentary and review of innovations in the next-generation cyber security technology market by globally recognized information technology and cyber security expert, Ed Brinskele. Ed is the CEO of California based Vir2us, Inc., a global leader in next-generation cyber security solutions. Unknownnoreply@blogger.comBlogger8125tag:blogger.com,1999:blog-5386174085322939873.post-16990091627011648392019-05-20T13:08:00.001-07:002019-05-20T13:08:07.491-07:00Why your cybersecurity failed<iframe allowfullscreen="" frameborder="0" height="270" src="https://www.youtube.com/embed/b6dSpt1nXFI" width="480"></iframe>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5386174085322939873.post-53455267017899234932017-05-16T19:54:00.002-07:002017-05-16T20:01:57.660-07:00Hacked to Death–Yahoo Ignores Repeated Warnings to Get Out of the House<div class="MsoHeader">
<span style="font-size: 12.0pt;">We’ve all seen the classic
haunted house horror movies where, after having more than enough warning that
something is critically wrong, the lead character and his supporting cast simply
won’t get out of the house. Yahoo seems
to have taken on this role over the last five years as the company has been the
target of repeated cyber hacking while it’s market cap slid from over $50
billion to less than $5 billion. Meanwhile,
its board of directors and C-level management appear to have largely ignored
warnings outside of its in-house security resources, all the while failing to educate
themselves about the risks and reasons that cyber security needs to be a board
and C-level management priority. As
quick as Yahoo’s trip to the bottom was, for many other firms it may be that
the worst is yet to come. <o:p></o:p></span></div>
<div class="MsoHeader">
<br /></div>
<div class="MsoHeader">
<span style="font-size: 12.0pt;">At a high level, this is a
symptom of a more fundamental problem that tech market analyst, Gartner has
been warning F1000 companies about lately as it relates to cyber security,
which is a failure to innovate. Corporate cultures that suffer from a not-invented-here
syndrome, and the tendency to look to insiders and vendors who are cronies of
in-house personnel, are just some of the killers of innovation, and sometimes
the entire enterprise. Harvard’s Professor
Clay Christensen, author and former consultant to Apple’s Steve Jobs, is fond
of saying that most large organizations strip the disruptive innovation out of
good ideas before they can even get started, in part because they lack a clear
process to capture and implement those ideas. Failure to innovate is how IBM created
Microsoft, Yahoo created Google, Reuters created Bloomberg (albeit all unwittingly),
and the list goes on. Even the Federal
Government has recognized that if they identify an innovative solution to a significant
problem there is often no process to procure it. <o:p></o:p></span></div>
<div class="MsoHeader">
<br /></div>
<div class="MsoHeader">
<span style="font-size: 12.0pt;">The real horror is for
Yahoo’s investors and clients who know this is no movie. Customers are already adding digital asset
security to their shopping criteria when choosing suppliers, and there is a
future coming where the SEC will require disclosures of such risks that directly
impact shareholder value. Add to this
the fact that global hacking is now a $2 trillion annual business (more
lucrative than drug dealing and not nearly as dangerous), and it’s clear that
senior management and boards need to heed the warnings to get out of the house
before it’s too late. <o:p></o:p></span></div>
<div class="MsoHeader">
<br /></div>
<div class="MsoHeader">
<br /></div>
<div class="MsoHeader">
<br /></div>
<div class="MsoHeader">
<br /></div>
<div class="MsoHeader">
<br /></div>
<br />
<div class="MsoHeader">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5386174085322939873.post-7236850447042939102016-04-28T15:33:00.000-07:002016-04-28T16:01:55.078-07:00Taking Aspirin for a Headache Caused by a Brain Aneurysm? The Most Popular Cyber Security Solutions Are Just That.<div class="MsoNormal">
<div style="text-align: justify;">
<span style="font-size: 12pt; line-height: 17.12px;">B</span><span style="line-height: 17.12px;">illions of dollars are spent each year for cyber security solutions that simply don’t work. Even the newest and most popular solutions providers fail to deliver genuine cyber security because their solutions focus on symptoms and not the real problem. Nearly all cyber security solutions providers have failed to correctly identify the fundamental problem which lies in a legacy computing architecture that did not anticipate the Internet. As a result, implementing these solutions is not unlike taking aspirin to get rid of a headache caused by a brain aneurysm. </span><br />
<span style="line-height: 17.12px;"><br /></span></div>
</div>
<div class="MsoNormal" style="margin-bottom: 12pt;">
<div style="text-align: justify;">
<span style="line-height: 17.12px;">In the case of cyber security, the aneurysm is embedded malware and unknown threats that simply can’t be stopped by the most popular solutions providers in the market today. This includes McAfee, Symantec, Fire Eye, Palo Alto Networks and virtually all legacy solutions providers. The problem for corporate executives and their boards becomes exacerbated when, after spending potentially millions of dollars on these flawed solutions, IT managers are put in the difficult position of having to defend the expense or explain why they must spend even more. <o:p></o:p></span></div>
</div>
<div class="MsoNormal" style="margin-bottom: 12pt;">
<div style="text-align: justify;">
<span style="line-height: 17.12px;">The truth is that nearly all of the most popular cyber security solutions providers are completely ineffective against embedded and foreign language malware. Remarkably, these same solutions providers readily admit that over 90% of computers are already compromised with exactly this type of malware that their solutions can do almost nothing to stop. As a result, the annual RSA Conference of security solutions providers held in San Francisco each year has become like a cosmetics convention that offers help and hope but few genuine solutions. <o:p></o:p></span></div>
</div>
<div style="text-align: justify;">
The good news is that genuine cyber security is being achieved by a core group of Silicon Valley technology experts with some new and patented technologies that are quickly being recognized as the way forward by industry and government experts. These solutions secure endpoints by isolating files and applications in secure containers and use secure processes that can make cyber threats irrelevant. So if your solutions provider does not secure computing endpoints with secure containerization, isolation and kernel level built in secure processes your headache may be the least of your problems. </div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5386174085322939873.post-59251333140943466892014-05-28T13:41:00.000-07:002018-09-21T03:16:41.105-07:00Would You Spend $100 to save $1 Billion? If Not, You Could Be the Next Target.<span style="font-family: "calibri";">Estimates are that the cost of a relatively simple hack on
retail giant Target this past December has reached over $1 billion
to date, not to mention the ongoing legal exposure and subsequent damage to its
high-value brand.<span style="mso-spacerun: yes;"> </span>The ripple effect of
over one hundred million credit card numbers being stolen and quickly sold
online to a global black-market of ready customers is staggering, <span style="mso-spacerun: yes;"> </span>and will ultimately impact millions of
consumers, as well as thousands of banks and retailers worldwide.<span style="mso-spacerun: yes;"> </span></span><br />
<span style="font-family: "calibri";"><span style="mso-spacerun: yes;"></span></span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: "calibri";">Remarkably, Target was one of the largest retail customers
of Wall Street darling, Fire Eye, which failed to identify and thwart the hack.<span style="mso-spacerun: yes;"> </span>Despite a more than $40 million dollar
marketing budget last year, Fire Eye’s advertising no doubt rings hollow with
senior management at Target, particularly the CIO and CEO who were terminated
in the wake of the hack.<span style="mso-spacerun: yes;"> </span>This is just
another example of an internal IT group that, because they lacked the needed
cyber security domain knowledge, put the fate of their company in some well marketed
but flawed legacy cyber security solutions.<span style="mso-spacerun: yes;">
</span>It has now been proven that these legacy solutions simply cannot deliver
genuine cyber security.<span style="mso-spacerun: yes;"> </span>What is particularly
poignant is the fact that for as little as $100 per credit card terminal, Target
could have secured these critical infrastructure components of the company’s
high-value digital information assets. <o:p></o:p></span></div>
<span style="font-family: "calibri";">There are thousands of companies similarly deluded by
well-meaning IT marketers, as well as their own generally competent IT
managers.<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>In fact, most IT managers will admit that
cyber security is a horse of a different color and is far different
from the typical challenges that IT managers regularly face. <span style="mso-spacerun: yes;"> </span>In general, IT managers understand the
vastness of the problem, but have been led to believe by legacy providers that
there is no “silver bullet” solution.<span style="mso-spacerun: yes;">
</span>Like any good fallacy, this folklore has some truth in it.<span style="mso-spacerun: yes;"> </span>There is no single solution to the problem of
cyber security; however there are several components that, when fully
integrated and complemented by tools that incorporate IT management’s intimate
knowledge of their own business, can push the effectiveness of cyber security
to 99.99% to 100%.<span style="mso-spacerun: yes;"> </span>The best part is
that it’s not expensive.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: "calibri";">I’ll be writing about these very real “silver bullets” and
how to properly deploy them in my next article on the subject, some time in
June.<span style="mso-spacerun: yes;"> </span>Until then, if you can’t wait,
email me and I’ll lay out the seven steps for you.<span style="mso-spacerun: yes;"> </span>(Ed@vir2us.com) <span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgY4fMCkNKjRKekG661OQGMMlreMQtFxe-io1Sk20b_ulw-v7In7wAJd_fQ7XqPWI4DMaf4-m-WmBUF0G7w89QjyMX6EKAJ1NRtg460FuZMDtDz_cHCwMca0jt-nCCGXSMyD0nSvXQC__U/s1600/cyber+insights+logo+Hi+Res.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgY4fMCkNKjRKekG661OQGMMlreMQtFxe-io1Sk20b_ulw-v7In7wAJd_fQ7XqPWI4DMaf4-m-WmBUF0G7w89QjyMX6EKAJ1NRtg460FuZMDtDz_cHCwMca0jt-nCCGXSMyD0nSvXQC__U/s1600/cyber+insights+logo+Hi+Res.png" width="200" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5386174085322939873.post-62925764574722252782013-06-27T01:28:00.001-07:002013-07-03T10:54:17.056-07:00Snowden Classified Data Theft Incident was Avoidable<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: justify;">
<span style="font-family: Calibri;">The Snowden incident, (where a government intelligence
worker was able to easily copy and disseminate large amounts of highly
classified data), highlights one of the fundamental problems of legacy cyber
security and the thinking behind it.<span style="mso-spacerun: yes;"> </span>Like
many complex technology problems, people without the needed domain knowledge
required to identify solutions tend to focus on the symptom, at least in part
to cover up the fact that the knowledge is lacking.<span style="mso-spacerun: yes;"> </span>Unfortunately, next-generation cyber security
technology, which the government is trying to adopt and implement, is a solution that few people in government understand. However, the Federal Government is not alone in
its slowness to implement next-generation cyber security.<span style="mso-spacerun: yes;"> </span>Banks, oil, gas, water and power utilities
are similarly vulnerable when it comes to protecting digital assets and
critical infrastructure.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: justify;">
<span style="font-family: Calibri;">The Snowden incident could have easily been avoided with
some next-generation digital asset protection.<span style="mso-spacerun: yes;">
</span>Snowden’s ability to simply copy terabytes of classified data was
possible, at least in part because of a reliance on obsolete technologies,
security strategies and processes.<span style="mso-spacerun: yes;"> </span>The
government (NSA) has for some time focused on the use of high-grade
cryptography to protect data and, in this area, commercial firms have tended to
follow the government’s lead.<span style="mso-spacerun: yes;"> </span>However the
advent of the Internet and global networks changed the game significantly with
respect to protecting data.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: justify;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: justify;">
<span style="font-family: Calibri;">The government tends to use encryption as an all or nothing
proposition, encrypting hard drives on computers or databases at the file
level.<span style="mso-spacerun: yes;"> </span>The problem with this approach is
that, once a user has entered the access credentials, the entire file or drive
is completely exposed. <span style="mso-spacerun: yes;"> </span>Instead, using
triplex-authentication in conjunction with folder and record level encryption
solves the problem. <span style="mso-spacerun: yes;"> </span>In this environment
Snowden would have been able to do his job and even bring large amounts of data
and data files together but all the data would have remained encrypted, except
when viewing query results or a limited number of individual records.<span style="mso-spacerun: yes;"> </span>He never would have been able to copy entire
files, at least not without triplex authentication notification and approval of
a higher-up, and not without the copied files remaining encrypted at the record
level.<span style="mso-spacerun: yes;"> </span>This means that even if he had gotten
approval to copy the data to an external storage medium or the cloud, the file
would not be divorced from the triplex authentication access required to view
or query the data.<span style="mso-spacerun: yes;"> </span>Additional
protections are available that would have destroyed the encryption lock if the
authentication failed even once, since the files would have been tagged as a copy
outside of its home domain. <span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: justify;">
<span style="font-family: Calibri;">There are other considerations and
failures that the government says may have occurred in this incident but most
of these revolve around manual processes, policies and procedures that are only
reliable if they are part of closed-loop processes, and even then rely on
timely communication.<span style="mso-spacerun: yes;"> </span>Finally, the Federal Government
continues to operate with legacy cyber security that provides little or no
security once access is achieved. The President recently issued an executive order
to address the issue and I recommend firms consider doing the same.</span></div>
Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-5386174085322939873.post-67954133491984722852013-05-30T10:28:00.004-07:002013-05-30T10:30:19.430-07:00Why Many Companies Are Failing to Achieve Genuine Cyber Security<div style="text-align: justify;">
<span style="font-family: Calibri;">There are several key reasons many companies are failing to successfully implement genuine cyber security.<span style="mso-spacerun: yes;"> </span>Cyber security was an after-thought of a computer industry that did not envision or plan for the connected world we live in today.<span style="mso-spacerun: yes;"> </span>Nearly all cyber security solutions in the market today fail to follow the eight time-tested principles of security, instead relying on a post-attack ability to identify and create lists of known-threats after the damage has been done.<span style="mso-spacerun: yes;"> </span>Nearly all solutions available today were not “built-in” but instead sit on top of the OS and rely on it for their functionality.<span style="mso-spacerun: yes;"> </span>Another major reason for this failure is that senior managers are looking to IT professionals to solve a problem that is less about IT than it is about process and mathematics.<span style="mso-spacerun: yes;"> </span>Few IT professionals are process engineers or mathematicians.<span style="mso-spacerun: yes;"> </span><br /><span style="mso-spacerun: yes;"></span><br /><span style="mso-spacerun: yes;"></span>Next-generation cyber security will be built-into applications and computing environments to create inherently secure processes that do not need to identify threats but rather handle processing in a way that makes such threats irrelevant.<span style="mso-spacerun: yes;"> </span>Many still don't realize that the computing platform architectures we are leveraging today are more than thirty years old and reaching the end of their lifecycles.<span style="mso-spacerun: yes;"> </span>They were not designed with the Internet in mind, nor did they envision the potential secure computing problems that such an environment would produce.<span style="mso-spacerun: yes;"> </span></span></div>
<span lang="EN" style="color: #fffffe; font-family: "Arial","sans-serif"; font-size: 8pt; mso-ansi-language: EN;"><span style="color: #444444; mso-spacerun: yes;"></span></span><br />
<div class="separator" style="clear: both; text-align: center;">
<span lang="EN" style="color: #fffffe; font-family: "Arial","sans-serif"; font-size: 8pt; mso-ansi-language: EN;"><span style="color: #444444; mso-spacerun: yes;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijDy0yBtoKcDDISDVNOe32YkYu_MkVJM4LsjxrupJl-ykjAZ9tup4KGYUMFxDjsVnTafZxiXcffgFyCoHhuCbNh842AHziD9jxGFgecnOvEpvM-wIGhoGVWVEcbClNV5ZB6c6Mf5lLuyo/s1600/cyber+insights+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijDy0yBtoKcDDISDVNOe32YkYu_MkVJM4LsjxrupJl-ykjAZ9tup4KGYUMFxDjsVnTafZxiXcffgFyCoHhuCbNh842AHziD9jxGFgecnOvEpvM-wIGhoGVWVEcbClNV5ZB6c6Mf5lLuyo/s200/cyber+insights+logo.png" width="200" /></a></span></span></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5386174085322939873.post-8934618421972598382013-05-29T12:00:00.001-07:002013-05-30T11:07:03.725-07:00Is Your Company in Denial about Denial-of-Service Attacks? <div style="text-align: justify;">
<span style="font-family: Calibri;">Denial-of-service attacks are a
direct assault on your company’s online revenue stream.<span style="mso-spacerun: yes;"> </span>These attacks are pretty easy for hackers to pull off, and
your company should not simply be hoping that it won’t be targeted.<span style="mso-spacerun: yes;"> </span>Denial-of-service attacks are not limited to
a few high-profile companies—every company with significant online revenue is
at risk and the attacks are costing firms $billions.<span style="mso-spacerun: yes;"> </span>The bad news about denial-of-service attacks
is that legacy cyber-security firms have no genuine solution, in part because
most of these firms don’t have the deeper domain knowledge required to
problem-solve and innovate in this space.<span style="mso-spacerun: yes;">
</span><span style="mso-spacerun: yes;"> </span></span><br />
<span style="font-family: Calibri;"><span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: justify;">
<span style="font-family: Calibri;">Back in the very early 1990s when
the Internet was still new, <span style="mso-spacerun: yes;"> </span>some of the
big ISPs like UUNet were positioning themselves to be acquired by big telecom
operators (for ex. UUNet was acquired by WorldCom).<span style="mso-spacerun: yes;"> </span>I remember a discussion at a network planning
session when I noted to UUNet executives that the Internet lacked the
identifiers that governed telecom networks and that these would be easy to add
to the Internet at this early stage of development.<span style="mso-spacerun: yes;"> </span>The response was – well I don’t recall
precisely what it was—but it went something like, “<i style="mso-bidi-font-style: normal;">we don’t need no stinking identifiers</i>”.<span style="mso-spacerun: yes;"> </span>Their attitude was understandable at the time.<span style="mso-spacerun: yes;"> </span>Demand for access and bandwidth was already
growing at a mesmerizing rate.<span style="mso-spacerun: yes;"> </span>All they
could think of was how to feed the beast.<o:p></o:p></span></div>
<div style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: justify;">
<span style="font-family: Calibri;">The design I had suggested at
that time would have identified every user that hopped onto the Internet along
with their location, point of access, etc.<span style="mso-spacerun: yes;">
</span>Also like telecom networks, it would have assigned them a <i style="mso-bidi-font-style: normal;">class-of-service</i> or COS that determined
what they were or were not allowed to do.<span style="mso-spacerun: yes;">
</span>If for any reason they managed to get on the network without this
independent channel authentication (something that was very difficult to do)
they were assigned a default class-of-service that allowed them to do almost
nothing.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: justify;">
<span style="font-family: Calibri;">I recently resurrected this
design with my engineering group to create a denial-of-service solution that will
be offered by Vir2us this Fall (2013).<span style="mso-spacerun: yes;">
</span>I’ve added some cool features and tools that we didn’t have back at that
time when processors were slower, storage and memory were not such low-cost
commodities, and we lacked cloud based speeds and scalability.<span style="mso-spacerun: yes;"> </span>There is some complexity here to be sure, and
we’ve created some new IP with these innovations that we expect to license to
others, but we know it works because we implemented its older brother in
hundreds of early private and public digital networks.<o:p></o:p></span></div>
<div style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: justify;">
<span style="font-family: Calibri;">Just how does all this stop
denial-of-service attacks?<span style="mso-spacerun: yes;"> </span>It’s really
quite elegant and will also solve some other annoying problems that plague us
about the Internet’s architecture.<span style="mso-spacerun: yes;"> </span>A
denial-of-service attack is like too many people asking you a variable question
all at the same moment rather than in succession.<span style="mso-spacerun: yes;"> </span>At some point you simply can’t respond
quickly enough and everything stops.<span style="mso-spacerun: yes;"> </span>Now
imagine that only the people you pre-selected were allowed to ask you
questions, and you and they were speaking and hearing in a language known only
to you and that select group.<span style="mso-spacerun: yes;"> </span>You simply
wouldn’t hear the requests made in other languages and therefore would not feel
any necessity to respond.<span style="mso-spacerun: yes;"> </span>There’s a
little more to this of course but you get the idea.<span style="mso-spacerun: yes;"> </span>You can get notice of the beta release by
subscribing to this blog. </span></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5386174085322939873.post-33881382541713751312013-05-05T17:03:00.005-07:002013-05-30T09:14:51.039-07:00Next-Gen Cyber Security is About Big Profits not IT Budgets<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="font-family: Calibri;"><span style="font-family: "Calibri","sans-serif";">One of
challenges of cyber security at the CXO executive level is that legacy cyber
security solutions have historically been seen as just an expense for the
most part. However, next-generation solutions are poised to become
one of biggest profit opportunities for many firms. Senior management
has been reluctant to move on these next-generation solutions very quickly
however, and it’s no surprise. They have spent millions (or in some cases
billions) on legacy security solutions that simply don’t work. Many
managers know this truth first hand while others have only read about it. </span><span style="font-family: Times New Roman;"> </span></span></div>
<div class="separator" style="clear: both; text-align: justify;">
</div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="font-family: Calibri;"><span style="font-family: "Calibri","sans-serif";">Some senior executives know
their present security solutions are not working but don’t want to pay twice or
three times for what they feel they should have gotten from the first
investment. They and their IT staff also lack the know-how to
assess new solutions. Other companies see this merely as a “tech-buying”
budget decision. Many of these managers are reluctant to admit that what
they have is not working, while simultaneously hoping they don’t get hacked.</span></span></div>
<span style="font-family: Calibri;"><div class="separator" style="clear: both; text-align: justify;">
<span style="font-family: "Calibri","sans-serif";"></span> </div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="font-family: "Calibri","sans-serif";">The fact is, next
generation cyber security is poised to create one of the largest opportunities
to enhance profits available to business today. Why?
Because legacy solutions are not just flawed, they eat up to 80% of
network bandwidth capacity and computer processing power. They are at risk for large chunks of
downtime. This means large chunks of money right off bottom line profits
(just ask Sony), to say nothing of the cost of fixing compromised systems and
networks when the attacks are over (U of M and Saudi Aramco). This
failure to achieve real cyber security also stifles new and innovative product and service
offerings because these products cannot be secured for export. IP is too easily stolen, copied or counterfeited<i style="mso-bidi-font-style: normal;"> (Analyst
Report IDC Oct. 2008).</i> </span></div>
<div class="separator" style="clear: both; text-align: justify;">
</div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="font-family: "Calibri","sans-serif";">What we have learned over
the years is that firms don’t focus on what they are not measuring. In
the telecom industry it was revenue-assurance solutions that were
quickly created when telecom providers began to measure unbillable network
call records for the first time and discovered that it had grown to over six percent of
their total revenue from a fraction of one percent ten years earlier.
Last year President Obama said the world is losing a trillion dollars to
cyber related crime each year. The U.S. government is beginning to
measure this but most firms still don't.</span><span style="font-family: "Calibri","sans-serif";"> </span></div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="font-family: "Calibri","sans-serif";"></span> </div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="font-family: "Calibri","sans-serif";">In the near future,
products, services and online platforms that have next-generation, built-in
security and privacy features (so that customer information and the
products/services themselves cannot be easily be hacked) will be given higher
valuations by Wall Street and investors. The lack of such a strategy for
enhancing profit and shareholder value will eliminate many firms as serious
competitors in their market space. </span></div>
<div style="text-align: justify;">
</div>
</span><br />
<div style="text-align: justify;">
</div>
<div class="separator" style="clear: both; text-align: justify;">
</div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 12pt; text-align: justify;">
<o:p><span style="font-family: Calibri;"> </span></o:p></div>
<div class="separator" style="clear: both; line-height: normal; margin: 0in 0in 12pt; text-align: justify;">
<span style="font-family: Calibri;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjowWehMZMtT9W-GLsLnjF8exQRzGqOoEEB4B_Ybyiui6qrg5OOx5FiBqYQLoP0KjGdj_pl_-2SDl9Lyu-OXT0s6uFU0bnHTVFTWHV_JD6rLSen21VovFEZnNyvrcaLbTkTX9yKttV7x0Q/s1600/cyber+insights+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjowWehMZMtT9W-GLsLnjF8exQRzGqOoEEB4B_Ybyiui6qrg5OOx5FiBqYQLoP0KjGdj_pl_-2SDl9Lyu-OXT0s6uFU0bnHTVFTWHV_JD6rLSen21VovFEZnNyvrcaLbTkTX9yKttV7x0Q/s200/cyber+insights+logo.png" width="200" /></a></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 12pt;">
<br /></div>
Unknownnoreply@blogger.com0