Some readers of our 2009 Data Breach Investigations Report have inquired about this odd inscription on page 48. Is it a printing mistake? An easter egg? A secret message? Random gibberish from an insane mind? Hmmm…

Well, we’re not going to reveal all here but we will tell you that it was entirely intentional and that the hunt doesn’t end with a french oxymoron. If you’re into puzzles, it might be an enjoyable way to pass some time during one of those dreadful post-lunch conference calls you inevitably get dragged into. A few others have figured it out (see here, here, and here), though we warn you that the links definitely contain spoilers.

Happy Hunting.

At times, there are topics in information security discussions that get a lot of attention, fall out of interest, only to be resurrected again and reemerge as a hot topic. I call these “Information Security Zombie Memes”; they are the walking dead of discussion and rhetoric that we can’t seem to destroy. Return on investment, security and obscurity, full/partial/responsible disclosure, how to measure security, and such topics are good examples of those subjects that boomerang back around into our collective consciousness again and again. One that has been in my mind lately as I think about the convergence of risk management and management science, is the “security, art or science” meme. (more…)