Information Security Monthly
FRSecure Services: Assessment   Consulting   Compliance   Stories   FRSecureU
March 2012
In This Issue
What Motivates You?
CISSP Training Program
MN Breach News
Quick Links
Like us on Facebook Follow us on Twitter View our profile on LinkedIn Visit our blog View our videos on YouTube
Join Our Blog!

Join Our Mailing List
What Motivates You?
Evan Francen - President
By Evan Francen, President FRSecure 

We all have motivations behind what we do, but have you ever given any though to what motivates you with respect to information security?  Over the years, we've identified four primary motivations for information security actions, but only one is the best option.

The four motivations are:

  • Everybody else is doing it
  • We've been forced
  • Reaction to an adverse event (breach)
  • We understand the importance
 
Everybody Else is Doing It

 

We all have a herd mentality to some extent. We watch what other people are wearing, we pay attention to the cars other people are driving, and we emulate those people we admire. The tendency is to take this same herd mentality into the area of information security. We compare what we're doing with what other organizations in our industry are doing. There are some real pitfalls in following this logic:

  • If other organizations are doing the wrong things, so are you. - If your peer organizations are unwisely spending on information security, so you will likely be.
[...]
CISSP Training Program
CISSP Training Starts in May
Our next CISSP class starts in May and runs through June
 
Led by Evan Francen, FRSecure President and 20 year Information Security veteran, our training program is designed to not only help you prepare for the exam, but give you real world experience that you can put to use in your organization.

 

If you are contemplating getting your CISSP certification, or if you have information security responsibilities, this class is for you.
 
Breach News
 
A recent story in the WSJ highlights the extent of identity crime in our own backyard.  When I read the article, the thing that caught my eye was the last paragraph about the victims.  Makes me wonder, who are the real victims?
 
 

MINNEAPOLIS - A federal jury convicted two people on Tuesday for their roles in a $50 million bank fraud conspiracy that authorities say depended on identity theft by employees of some of America's largest banks.


[...]

 

So far, 27 people have either pleaded guilty or been convicted in the scheme, in which customer identities were stolen, then bought and sold, and used to create phony bank and credit card accounts, apply for loans, or get cash. Prosecutors say the conspiracy was carried out from 2006 through 2011 in Minnesota, California, Massachusetts, Arizona, New York and Texas.

 
[...]
 
Victims included American Express, Associated Bank, Bank of America, Capital One, Guaranty Bank, JP Morgan Chase Bank, TCF Bank, US Bank, Wachovia Bank, Washington Mutual, and Wells Fargo.
 
 
We value your feedback.  If you have questions about information security that you would like to have answered, simply reply to this email.
 
Sincerely,
 

Evan Francen
FRSecure