Main topic: Fraud in online environment and user behavior
PUBLISHED: 24.9.2015
These articles were subject to peer-to-peer review
Interview with James Kasprzak
Petr Hampl
Dr. Kasprzak, a lecturer who trains the leadership of the U.S. army, intelligence units, and other bodies of central government, explains his view of human brain operation and key priorities in any information protection strategy. He emphasizes that current identity leaks have resulted in irreversible changes in general understanding of privacy.
Interview with Alexander Kučera
Petr Hampl
A physician and CEO of a small private clinic speaks about the reasons why he decided to move critical data into the cloud. He also explains his view on the benefits and risks of using external data centers and how his provider was selected. In his interview for Data Security Management, he also discusses reasons why physicians often fail in IT security issues.
Fraud detection in online environment – part II.
Jan Mészáros
The article introduces specific features of FDS (Fraud Detection System) in an organization delivering online services. It mainly focuses on the business, implementation, technical, and operational issues. It also describes key parameters for creating scenarios enabling fraud attempts identification.
DDoS as a service
Vít Bukač
DoS (Denial of Service) attacks can be bought like any common business service and can be used against any third party. The article describes the key features of this specific market and explains principal phases of an attack that is delivered as a service. The final part is dedicated to data flow identification.
Client identification through voice biometry
Vladimír Matouš
A case study of the implementation of an automated voice recognition solution at Tatra banka starts with a general explanation of voice recognition technology. The next part is focused on particular requirements of Tatra banka, including detailed goals of implementation. A description of the implementation, processes and project results follows.
Pseudoanonymity – the Internet security risk
Jan Kolouch
The article, based on a detailed analysis of Google’s EULA, shows some of the risks that users face when using products and services of companies such as Google, Microsoft, Apple etc. It is especially focused on personal data protection, in particular the passing of personal data to third parties. Trade conditions of smart televisions and similar electronics are discussed as well.
Executive orders related to Czech Cybersecurity law – part III.
Vladimír Smejkal
The article is focused on executive order 316/2014 about the security measures, cybernetic security incidents, reactive measures, and security reporting. It particularly focuses on technical measures, such as physical security, integrity protection, user identity management, malware protection etc.
Legal aspects of internal policies – part II.
Kamil Malinka, Radim Polčák, Zdeněk Říha
The second part of the series examines understandability of internal policies, and especially the relationship between understandability and effectuality, with reference to the Czech Supreme Court decision in this area. The second part of the article focuses on privacy, especially limits of legal monitoring of employees.
Can user’s adherence to security policies be measured?
Petr Hampl
Authorities and universities have developed measures enabling comparison between organizations and groups of users in terms of safe behavior. At the same time, a methodology for predicting the failure of particular employees has been developed.