Monthly Archives: September 2014

A dozen nuggets

Departure from form, again.  Here are 12 quick nuggets from today’s WSJ.

  1. “Hacker Breaches Part of Federal Health Site,” Wall Street Journal, September 5, 2014 A1.  The broad network of HealthCare.gov got breached and malware added, albeit only a test environment.  And it wasn’t because the site was targeted.
  2. “Health-Care Risk for Migrants,”Wall Street Journal, September 5, 2014 A2.  Immigrants who fail to verify they’re in the US legally will be dropped from ObamaCare today. [Why did this one go to page A2 while the first one was front page, above-the-fold, right-hand column? Is there an election coming up?]
  3. “Governor Apologizes for Twitter Photo Misfire (sic),” Wall Street Journal, September 5, 2014 A5.  Someone reportedly uploaded a photo of a woman in leather instead of a photo of a news conference.  Haven’t we all made that mistake?
  4. “China Detains Journalists as State Scrutiny of Media Increases,” Wall Street Journal, September 5, 2014 A9.   Charge is suspected extortion, by charging high fees for favorable news articles.
  5. “Apple Boosts iCloud Security, Jumps Into Digital Payments,” Wall Street Journal, September 5, 2014 B1  New Smartwatch to offer tap-to-pay, which is a different information delivery system. Apple alleges celebrity hacks were user error/choice.
  6. [The prior piece is really two nuggets.]
  7. “Nvidia Hits Samsung, Qualcomm With Suits On Patents,” Wall Street Journal, September 5, 2014 B3. Lawsuits to protect patents, which are an information asset.
  8. “Internet Firm, LVMH Settle Over Trademarks,” Wall Street Journal, September 5, 2014 B3. Suit settled between Google and luxury brand marketer over counterfeit goods.
  9. “Plastic Industry Ramps Up Security,” Wall Street Journal, September 5, 2014 C1.  Post-Target moves to make credit card payment (which is an information process) more secure.
  10. “Fast Traders Blamed as Firm Closes,” Wall Street Journal, September 5, 2014 C2. Hedge fund blames its closure on high-frequency traders.
  11. “Funding Tool Masks China Debt,” Wall Street Journal, September 5, 2014 C3.  Process used to raise money in a way that disguises your debt.
  12. “Security Needed on FireEye,” Wall Street Journal, September 5, 2014 C8.  Cybersecurity firm’s market value rises and falls on news of cyberattacks and Apple’s response.

Now, you may not see information governance issues in all of these, but it struck me as a busy day.

1 Comment

Filed under Board, Business Case, Collect, Controls, Culture, Duty of Care, Governance, HR, Information, Interconnections, Internal controls, IT, Management, Oversight, Ownership, Privacy, Protect, Protect assets, Protect information assets, Risk, Security, Use, Value

Arms race

Your football offense used to be widely successful with the back-shoulder pass.  Now it isn’t.  Why?

Studying the statistics, it appears that while height matters,  the length of the arms of the cornerback is decisive.  And the Seattle Seahawks were masters of the defense.

“How the Seattle Seahawks Changed the NFL,” Wall Street Journal, September 4, 2014 D6.

What does this have to do with information governance?  Think about the changing nature of metrics.  What were the performance statistics that the teams looked at when drafting talent?  Running speed, height, weight, etc.  Who knew before last year’s NFC title game that the arm length mattered?  Well, Seattle.

Will this start, forgive me, an arms race, as teams start looking for ever-taller receivers and ever-taller (and longer-armed) cornerbacks?  Don’t know.  But are the information metrics you monitor the right metrics, and are they changing?

Leave a comment

Filed under Analytics, Collect, Definition, Information, Management, Operations, Use, Use, Value

2 Targets plus 1; recurring themes

Well, the attack on Apple’s iCloud was targeted on high-value targets: celebrities.  “Apple:’Targeted Attack’ Led to Breach,” Wall Street Journal, Wednesday, September 3, 2014 B1.  It all happens a week before the roll-out of the Apple iPhone6.

And Home Depot apparently is a target for a Target-like attack. “Home Depot Investigate Possible Date Theft,” Wall Street Journal, Wednesday, September 3, 2014 B1.  Breach may have started in April (before the heavy buying season at HD), but just got reported by Brian Krebs.  He reported Target’s breach as well.

Finally, PG&E.  Following the explosion in San Bruno in 2010 that killed 8, it was reported that PG&E couldn’t find inspection records for a surprisingly large portion of its pipelines. “PG&E Faces Fine Over Blast,” Wall Street Journal, September 3, 2014 B3.  California regulators propose a $1.4 billion fine.  PG&E calls it “appropriate.”  Do those fines penalize the shareholders or directors or management at the time the decisions were made, or not, leading to the explosion?

Do you store stuff on line?  Do you use a credit card?  Is information management small potatoes?

Leave a comment

Filed under Board, Business Case, Collection, Compliance, Compliance, Compliance, Compliance Verification, Controls, Culture, Duty of Care, Governance, Information, Interconnections, Internal controls, Investor relations, IT, Management, Oversight, Ownership, Privacy, Protect, Risk, Security, Use, Value

Eggs and baskets

If you put all your eggs in one basket, watch that basket.  Or others will.

What leads me to this statement?  “Apple Will Investigate Celebrity Hackings,” Wall Street Journal, September 2, 2014 B6.  Photos and videos that celebrities had posted to their own iCloud accounts got hacked and published.  Not sure yet whether it was password compromise or a deeper security problem with iCloud.

Is there information you don’t want others to see?  Don’t post it anywhere in the cloud.  You may even wish to encrypt it on your hard drive and any other places it is stored, if you store it on/in a connected device.  This applies equally to videos of yourself and to sensitive corporate information — the common elements are: 1.  Sensitive information; 2. Electronic storage; 3. Users who don’t understand (or appreciate) the risks.

Leave a comment

Filed under Business Case, Controls, Information, Interconnections, Internal controls, IT, Privacy, Risk, Security, Value