Your company's security posture is probably horrible (but it might be OK).

The past few years have provided us with a number of high profile hacks and data breaches. In 2010 Google famously announced that they were hacked and put out details on the compromise (later dubbed the Aurora incident). In the months that followed, it became clear that google were not the only Aurora victims. Companies in almost every sector from DuPont to Disney were also breached (but were less forthcoming on the details).

If these companies, widely lauded as having the brightest minds in their respective spaces were so publicly spanked, an obvious question raises its head?

Why wasn't yours?

Sadly two of the likeliest answers to this question are equally uncomfortable.
a) you haven't been compromised (yet) because people haven't bothered
b) your company has been compromised and you just don't know it

Brian Snow, former director of Information Assurance for the NSA said it best at a conference in Greece recently: "I’m here to tell you that your cyber systems continue to function and serve you not due to the expertise of your security staff but solely due to the sufferance of
your opponents".


This post is about 6 months overdue, but we have been busy with a whole bunch of interesting projects (which always manages to dent blogging time.)

One of these projects, is

We formed Thinkst to work on difficult, interesting problems, and while working on security problems for a well known media organisation, we bumped into (a surprisingly common) problem organisations have: failing to benefit from the available insights afforded by the real-time social media networks. managed to win the Knight Fundation's News Challenge in 2012 (which we take as pretty good validation for the idea). If you have 3 minutes, checkout the video on the page. It still shows version-1 of the interface (we have gotten all fancy since!) but should give you a good overview of the product.