April 2009 Archives

As a result of the recent addition to our family (baby boy born on 4/17), my blogging will be limited the next week or two. When I get back into swing, I'll resume writing about security things I read and hear.

TED is an awesome.

I enjoy watching TED talks for a number of reasons. First: the topics are almost invariably extremely interesting and the observations of the speakers are inspiring. Second: I believe that the more good presentations you view, the better your own presentations will become. Third: most presentations have some form of entertainment value.

Today I watched Dan Ariely's video on Why we think it's OK to cheat and steal (sometimes).

In the video, Ariely tries to answer the question if the probability of getting caught doing something wrong is related to the likelihood of cheating taking place. In other words: are people less likely to break the rules if their are more afraid of getting caught? The conclusion was something that should resonate very hard with information security professionals, and came a little bit as a surprise. The fear of getting caught does not apppear to have a very big impact on the probability of misuse taking place.

For a lightning round at yesterday's New York Higher Education Technology Forum, I was asked to deliver a 10 minute introduction to "Some Information Security Challenges in Cloud Computing".

As I usually do when I present, I first write down the stuff I want to say, and then I create a presentation based on that text. The draft text is included in the body of this post, the presentation (slides + text) can be downloaded here.