Building Security into System Design Hale argues that information systems need to be designed with security as a primary factor. He starts the article be emphasizing the number of attacks and their related costs. He notes it is relatively inexpensive to hack any given enterprise which is specifically targeted by skilled hackers, who are always a step ahead of the security researchers and patch writers. He notes that in general, systems are not designed with security in mind, and as a result… 5 Feb 2009 :: Security :: #proactive security #vendor responsibility #network security #enterprise security
Conflicting Parties and Privacy Policies …describes the conflicts that arise between business units, executives, and external parties during privacy policy development, as well as the difficulties in implementing a privacy policy once developed. The main example cited in the article was a conflict between the Chief Privacy Officer (CPO) and the marketing group. The CPO's goal is to protect individuals, and generally wants to maintain the least amount of data necessary for any given individual. At the same time, marketing organizations want the most information per individual possible… 8 Dec 2008 :: Security :: #privacy #enterprise security