2.24.2013

Federal Sequester - Who's fooling Whom?

$85B - Annual impact of 'Sequester' on US Government Spending.
$85B - Monthly 'purchase' of US Treasury Bonds ($40B) and Mortgage backed securities ($45B)

The sequester doesn't touch 80% of US Federal Government deficit spending this year or any year to follow.

And how does the government 'pay' for that deficit? The Federal Government simply issues IOUs in the form of US Treasury Bonds, Bills, and Notes. Because of the eroding confidence in the US Treasury's ability or desire to honor those debts - the Federal Reserve Bank buys what the market won't with 'money' ingeniously and simply created on its own balance sheet.

Sequester? Killing the economy? If a less than 20% cut in the unfunded or deficit spending triggers a new recession, it's not sequestration that caused it. We need look no further than the chickens of the massive Federal Reserve money creation machine coming home to roost, coupled with profligate Federal spending.

Let's get real. Who's fooling whom?

2.18.2013

Data breach, are you prepared?


I witnessed an exchange between a senior level corporate executive charged with his company’s data security, and a security practitioner who asked him as a briefing opener, “What are your company’s plans for addressing a data breach?” The executive replied “Working at my local gas station.” The speaker dutifully chuckled and then said “No, really - what is your corporate breach procedure?” The executive responded “That’s not an option. I have a friend who owns a gas station not far from my house, and should my company be breached, I’ll be working for him the following day.”

You may be thinking (as did I at the time) that our hapless security officer was just trying to lighten the mood. And like me, you'd be wrong. I won’t elaborate as did this executive, but suffice it to say he appeared completely serious, providing entirely too much information about his exit strategy, should it come to that. Since then I’ve thought long and hard about the issue.

Those in our business whose job it is to identify the signs of breach and provide technology to mitigate it know that breach is not necessarily (and usually is not) catastrophic. But ignoring the skull and cross-bones on the bottle won’t make the poison any less deadly. Pretending breach can’t happen is likely only to exacerbate its effects.

To protect our businesses and systems against breach with human and technical measures is table stakes. To prepare to respond to a data breach, the same as any other contingency or business continuity planning, is simply best practice. It's unfortunate that the latter remains 'the unthinkable' to so many, as evidenced by the following Groundhog Day scenario:

  • Week 1 (Company Spokesman) “The system compromised was an ancillary system containing no personally identifiable information."  
  • Week 4 (Company Spokesman) “We've determined that a small number of email addresses were leaked and we've notified the affected individuals. There is no evidence of further compromise."
  • Week 8 (Company Spokesman) "Our authentication system was apparently compromised and we've reset the affected accounts and notified account holders. Our systems are now secure." 
  • Week 10 (New spokesman) "Acme Inc. deplores the illegal and criminal theft of user accounts and business data, and is recommending its customers and business partners reset their passwords and contact our hotline should they notice any unusual account activity."
  • Week 12 (a Business Journal) "Acme Inc. shares continue to fall on further reports revealing the scope of last quarter's data breach and its management's apparent inability to address the fallout in an open, timely, and forthright manner."

The bottom line is aptly articulated by Brian Lapidus, COO of the Cybersecurity & Information Assurance practice of Kroll:

“Establish a comprehensive breach preparedness plan that will enable decisive action and prevent operational paralysis when a data breach occurs.”

Not quite the head-in-the-sand approach of our executive friend.


That data breaches occur is unsurprising. The trend indicates they will increase in both frequency and magnitude. Does your disaster recovery plan include a defined procedure to classify and deal with data breach? Has it been tested? Do you perform at least annual 'dry-runs?' If so, thank you. If not, why not?

Here is but a sampling of practice guidelines to help you get started:
http://www.krollcybersecurity.com/resources/data-security-resources/data-breach-prevention-tips.aspx
http://www.diskagent.com/resources/Data_Breach_Incident_Response_Workbook_by_Debix.pdf
http://usa.visa.com/download/merchants/cisp_responding_to_a_data_breach.pdf
http://www.experian.com/assets/data-breach/brochures/response-guide.pdf
http://www.americanbar.org/content/dam/aba/administrative/litigation/materials/sac_2012/22-15_intro_to_data_security_breach_preparedness.authcheckdam.pdf
http://www.justice.gov/opcl/breach-procedures.pdf
http://www.ibm.com/developerworks/library/cl-hipaa/index.html

~r

1.21.2013

After 26 Years - Questions: A Farewell to Congress



Excessive government has created such a mess it prompts many questions:
  • Why are sick people who use medical marijuana put in prison?
  • Why does the federal government restrict the drinking of raw milk?
  • Why can’t Americans manufacture rope and other products from hemp?
  • Why are Americans not allowed to use gold and silver as legal tender as mandated by the Constitution?
  • Why do our political leaders believe it’s unnecessary to thoroughly audit our own gold?
  • Why can’t Americans decide which type of light bulbs they can buy?
  • Why is the TSA permitted to abuse the rights of any American traveling by air?
  • Why should there be mandatory sentences—even up to life for crimes without victims—as our drug laws require?
  • Why is Germany concerned enough to consider repatriating their gold held by the FED for her in New York? Is it that the trust in the U.S. and dollar supremacy is beginning to wane?
  • Why have we allowed the federal government to regulate commodes in our homes?
  • Why is it political suicide for anyone to criticize AIPAC?
  • Why haven’t we given up on the drug war since it’s an obvious failure and violates the people’s rights? Has nobody noticed that the authorities can’t even keep drugs out of the prisons? How can making our entire society a prison solve the problem?
  • Why do we sacrifice so much getting needlessly involved in border disputes and civil strife around the world and ignore the root cause of the most deadly border in the world—the one between Mexico and the U.S.?
  • Why does changing the party in power never change policy? Could it be that the views of both parties are essentially the same?
  • Why did the big banks, the large corporations, and foreign banks and foreign central banks get bailed out in 2008 and the middle class lost their jobs and their homes?
  • Why do so many accept the deeply flawed principle that government bureaucrats and politicians can protect us from ourselves without totally destroying the principle of liberty?
  • Why do so many in the government and the federal officials believe that creating money out of thin air creates wealth?
  • Why does Congress willingly give up its prerogatives to the Executive Branch?
  • Why can’t people understand that war always destroys wealth and liberty?
  • Why did we ever give the government a safe haven for initiating violence against the people?
  • Why is patriotism thought to be blind loyalty to the government and the politicians who run it, rather than loyalty to the principles of liberty and support for the people? Real patriotism is a willingness to challenge the government when it’s wrong.
  • Why do some members defend free markets, but not civil liberties?
  • Why do some members defend civil liberties but not free markets? Aren’t they the same?
  • Why is there so little concern for the Executive Order that gives the President authority to establish a “kill list,” including American citizens, of those targeted for assassination?
  • Why don’t more defend both economic liberty and personal liberty?
  • Why is it claimed that if people won’t or can’t take care of their own needs, that people in government can do it for them?
  • Why are there not more individuals who seek to intellectually influence others to bring about positive changes than those who seek power to force others to obey their commands?
  • Why do we allow the government and the Federal Reserve to disseminate false information dealing with both economic and foreign policy?
  • Why is democracy held in such high esteem when it’s the enemy of the minority and makes all rights relative to the dictates of the majority?
  • Why should anyone be surprised that Congress has no credibility, since there’s such a disconnect between what politicians say and what they do?
  • Why does the use of religion to support a social gospel and preemptive wars, both of which requires authoritarians to use violence, or the threat of violence, go unchallenged? Aggression and forced redistribution of wealth has nothing to do with the teachings of the world great religions.
  • Is there any explanation for all the deception, the unhappiness, the fear of the future, the loss of confidence in our leaders, the distrust, the anger and frustration? Yes there is, and there’s a way to reverse these attitudes. The negative perceptions are logical and a consequence of bad policies bringing about our problems. Identification of the problems and recognizing the cause allow the proper changes to come easy.