Friday, 15 November 2019

The cost of cyber security isn't just the purchase price

I know we often hear it said in the general security community that security is seen as a cost to the business and that’s why it can be hard to get funding.

Brian Krebs has blogged on research examining what happens at US hospitals after a data breach or ransomware attack.
Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits.

As PBS noted in its coverage of the Vanderbilt study, after data breaches as many as 36 additional deaths per 10,000 heart attacks occurred annually at the hundreds of hospitals examined.
The researchers found that for care centers that experienced a breach, it took an additional 2.7 minutes for suspected heart attack patients to receive an electrocardiogram. 
“Breach remediation efforts were associated with deterioration in timeliness of care and patient outcomes,” the authors found. “Remediation activity may introduce changes that delay, complicate or disrupt health IT and patient care processes.”

The cost of a control isn’t just in the purchase price, but also potentially in loss of productivity. In many cases an organisation accepts that cost because of the benefits the control brings. But we do need to be cognisant that there may be hidden costs to an organisation when implementing a new control. Is there really benefit in disrupting our users for some marginal security gain?

Sunday, 10 November 2019

Saint-Cyr class of 1914

In his lecture The Fall of France, Mark Gerges cites Saint-Cyr and its plaques, each giving a year and the list of graduates who died defending France. The exception is the class of 1914, which reads "Class of 1914". This is because 100% of the graduates of that class died defending France.

Red Army concentration of force

In a lecture to The Dole Institute of Politics, Dr. Jonathan House explains How the Red Army Defeated Germany: The Three Alibis.

In the lecture he talks about Red Army doctrine that used deception and concentration of force to achieve localised overwhelming force of numbers.

In Operation Bagration:
185 Red Army divisions comprising 2.3 million soldiers and 4,000 tanks and assault guns smashed into the German positions on a front of 200 km. The 800,000-strong Army Group Centre was crushed.


House explains that on a five-mile-wide front, the Red Army concentrated five divisions and a separate tank brigade against one German division. There were four other places along the front with similar force ratios.

This came after the Red Army had fooled the Germans into believing an attack would come further south, causing the Germans to move forces south.