Sutton’s Law

Willie Sutton, a prolific bank robber, is reported to have responded to the question, “Why do you rob banks?” by saying “Because that’s where the money is.”

“Hackers Targeted Merger Discussions,” Wall Street Journal, December 2, 2014 B1.  Evidence from FireEye that hackers are targeting CFOs, advisory firms, and others (lawyers?) involved in acquisitions, in the hope of gaining an edge for investments.  Targets predominantly health care and pharmaceuticals.

Where’s the money or currency equivalent in your business? What information does your business have that would be most valuable to someone else?  Who is the most likely inside source of that information?  How protected and security-aware are they?

Advertisements

Leave a comment

Filed under Board, Business Case, Controls, Duty of Care, Governance, Information, Internal controls, IT, Management, Oversight, Oversight, Protect, Protect assets, Protect information assets, Risk, Security, Third parties, Value

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s