February 13, 2009 · 10:18 am

E-Records Transition Can be costly

BBC reports one manager in Britain very upset over the cost to his organization:

Andrew Way, chief executive of London’s Royal Free Hospital, said technical problems had cost the trust £10m and meant fewer patients could be seen.

The Department of Health said lessons had been learnt from the trial.

The England scheme, part of a £12bn IT upgrade, aims to put 50 million patient records on a secure database by 2014.

Implementation costs are important to consider when designing and evaluating policies.

Leave a comment

Filed under electronic medical records

Tagged as ,

February 13, 2009 · 5:28 am

Internet Privacy – FTC worried self regulation not working

Lots of tangents from the story on new FTC study on industry policing and advertising their privacy policies:

  • FTC has two votes for regulation or legislation (doubts cast upon self regulation as a tool – public failure)
  • Study thinks companies make the information regarding their privacy policies too difficulty for the average person to find/comprehend (market failure = information assymetry)

Points of interest here:

  • Center for Digital Democracy
  • Future of Privacy Forum

Interesting difference in headlines:

Note to self:  Start an inventory of policy tools in each category of cyber policy

Leave a comment

Filed under cybersecurity, policy tools

Tagged as , , , , ,

February 12, 2009 · 5:14 pm

New Policy Tool for Cyber Security – Bounty Hunting

Microsoft is offer $250,000 for the heads of those responsible for constructing conficker.

Leave a comment

Filed under cybersecurity

Tagged as

February 12, 2009 · 5:05 pm

Cyber Threats – A known surprise

Evidently, according to a Defense Science Board study, the Pentagon needs to address institutional change to deal with the new threat environment.  Interesting categorization of surpises as “surprise” surprises and “known” surprisies.

According to this report:

Among the “known surprises” are threats in the cyber realm, space and nuclear regimes. The study’s authors conclude that the US has made a start in dealing with the cyber threat “but we still have a large, difficult and costly way to go.” To mitigate those risks the chairman of the Joint Chiefs must initiate a series of exercises to gauge “what and how deep our vulnerabilities are.” Also, the services and combatant commands must improve the ability of critical information systems to resist attack.

so, where are the thought leaders on weaponizing cyber capabilities?

Of interest as a research target for lowering cyber risk: OR Applications for ISR

Click to access 2009-01-Operations_Research.pdf

Leave a comment

Filed under cybersecurity

Tagged as , , ,

January 30, 2009 · 6:30 am

Unintended Consequences of COPPA

Parry Aftab notes that when COPPA first became effective, a lot of children’s websites simply went away — assumingly because the owners could not manage or understand the COPPA requirements. And, for those that remain:

While the sites want to do the right thing, they are often adopting “do it yourself” methods that violate the law or put kids at risk unintentionally. Best practice standards for the kids Internet industry are new and require professional guidance.

How do you measure the cost of compliance?  Should those costs be transparent when policies are created?

Leave a comment

Filed under cybersecurity

Tagged as ,

January 30, 2009 · 6:24 am

Intelligence ln Sentiment

How much easier would it be to manage risk in an organization if you were able to divine the mood of the staff?  Robert Scoble has this interesting comment from his talk with

**Facebook is, he told me, studying “sentiment” behavior. It hasn’t yet used that research in its public service yet, but is looking to figure out if people are having a good day or bad day. He said that already his teams are able to sense when nasty news, like stock prices are headed down, is underway. He also told me that the sentiment engine notices a lot of “going out” kinds of messages on Friday afternoon and then notices a lot of “hungover” messages on Saturday morning. He’s not sure where that research will lead. We talked about how sentiment analysis might lead to a new kind of news display in Facebook. Knowing whether a story is positive or negative would let Facebook pick a good selection of both kinds of news, or maybe even let you choose whether you want to see only “happy” news

Leave a comment

Filed under cybersecurity

Tagged as ,

January 27, 2009 · 8:00 am

Science and democracy have always been twins.

A simple statement with a magnitude of implications.  From an essay in today’s NYT by Dennis Overby:

It is no coincidence that these are the same qualities that make for democracy and that they arose as a collective behavior about the same time that parliamentary democracies were appearing. If there is anything democracy requires and thrives on, it is the willingness to embrace debate and respect one another and the freedom to shun received wisdom. Science and democracy have always been twins.

Then, in the Post, an article concerning Wayne Clough’s vision to make the holdings of the Smithsonian available to all using the internet.  The curators of the Smithsonian are having some difficulty understanding what their role will be if everything is available for anyone to see.  The gatekeepers ask, “Who will guarantee the quality of knowledge?”  To which, Chris Anderson, editor in chief of Wired, replies:

“Is it our job to be smart and be the best? Or is it our job to share knowledge?” Anderson asked.

Sharing knowledge, sharing information — that’s what makes democracy work.  And, sharing information makes markets more efficient.  I think the philosophers and economists can agree on that point.

1 Comment

Filed under Government, Information, Market Failure, public values

Tagged as , ,

January 26, 2009 · 4:13 pm

Cyber Policy – Safety and the Internet – An update

Parry Aftab, blogging on the McAfee Security Insights Blog, gives a quick history on the Internet Safety Task Force that was, well, taken to task because of its corporate funding partners (See Jan 25 post).  She says further research is in the future:

The ISTTF is the first task force of its kind in the United States. And, although it may not have provided major new findings, it did get things jump-started. The National Telecommunications and Information Administration’s (NTIA) working group will be announced very shortly and hopefully one under the guidance of the Federal Trade Commission (FTC) will be compiled. The Attorneys General are seeking more concrete recommendations and an action plan. And the members of the ISTTF are looking for the opportunity to provide those concrete recommendations.

A journey, not a destination…we need to remember that.

Leave a comment

Filed under cybersecurity, public values

January 26, 2009 · 12:40 pm

Cybersecurity – Patriotism doesn’t always defend

Securityfix presents interesting analysis concerning conficker — seems the creators don’t mind soiling their native lands.

According to an analysis by Microsoft engineers, the original version of the Downadup (a.k.a. “Conficker”) worm will quit the installation process if the malware detects the host system is configured with a Ukrainian keyboard layout. However, the latest variant has no such restriction. Stats collected by Finnish computer security firm F-Secure show that Russia and Ukraine had the second and fifth-largest number of victims from the worm, 139,934 and 63,939, respectively, as of Tuesday, Jan. 20.

Leave a comment

Filed under cybersecurity

Tagged as ,

January 26, 2009 · 12:36 pm

Stem Cell’s – Business Proposition to be proven

California’s $3 billion effort has just begun (2007) — and this article from the San Jose Mercury News points out that profits are long term, not short term, because:

  1. Ethical/moral arguments surrounding stem cell research
  2. So little is known, basic research is the first recipient of funds
  3. Risky process of developing product keeps investors at bay
  4. Two companies, Geron and Advanced Cell, hold many of the patents for human embryonic stem cell research and associated technologies.

However, there are eternal optimists:

“You’ll see more companies forming around embryonic work,” said Gregory Bonfiglio, managing partner of Palo Alto-based Proteus Venture Partners, which plans to invest in such firms. “This technology will fundamentally change health care.”

Leave a comment

Filed under stem cell