Sutton’s Law

Willie Sutton, a prolific bank robber, is reported to have responded to the question, “Why do you rob banks?” by saying “Because that’s where the money is.”

“Hackers Targeted Merger Discussions,” Wall Street Journal, December 2, 2014 B1.  Evidence from FireEye that hackers are targeting CFOs, advisory firms, and others (lawyers?) involved in acquisitions, in the hope of gaining an edge for investments.  Targets predominantly health care and pharmaceuticals.

Where’s the money or currency equivalent in your business? What information does your business have that would be most valuable to someone else?  Who is the most likely inside source of that information?  How protected and security-aware are they?


Leave a comment

Filed under Board, Business Case, Controls, Duty of Care, Governance, Information, Internal controls, IT, Management, Oversight, Oversight, Protect, Protect assets, Protect information assets, Risk, Security, Third parties, Value

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s