We have a few Securosis news items that hopefully you will find useful. We get a lot of feedback and ideas from readers about how they want to use our site, or when and how they view the posts. It’s an amazingly diverse group of preferences, scattered like a shotgun blast across the spectrum of options. We hear you, so in our quest to deliver the blog content through every new media medium we think you might like, we have implemented a couple new ways to read the blog and the research library.

Rich has been toiling away this past week to get an iPhone compatible site up and running. You can find it at www.securosis.com/iphone. You should consider this a beta release. There are a few bugs and behavioral issues to work out, but I don’t think Rich ever touched AJAX before this week, so he has done a pretty nice job at figuring it all out on his own. If you have comments or suggestions, or if you are an expert with AJAX and Expression Engine, by all means, please send us feedback and hints on what else you want to see. But be prepared as Rich may ask you some technical questions on debugging in return!

We have also made Securosis available on the Kindle through Amazon. As you know we are not like other research firms, and we do not charge for the vast majority of our content. Rich and I had along debate on whether to do this as you have to pay for the subscription, and that’s not really our style. And heck, neither one of us even owns a Kindle, but we just plain like the idea. The Kindle is a very cool device. As far as the subscription goes, we figured you had a choice in the matter, and can visit the web site or subscribe to the RSS feed and still get all the free content.

Speaking of RSS feeds, sometime in the near future, maybe even by the time you read this, we will have a dedicated Friday only RSS feed. Many of you have requested a weekly summary rather than the daily, so those who want the just the digest version, this is for you. There is also a sign up link to the right-hand menu.

And now for the week in review:

Webcasts, Podcasts, Outside Writing, and Conferences

Favorite Securosis Posts

Other Securosis Posts

Project Quant Posts

Favorite Outside Posts

Top News and Posts

Blog Comment of the Week

This week’s best comment comes from Patrick Florer in response to Creating a Standard for Data Breach Costs:

I have been working on something similar. Distinguishing between those costs that make sense on a per record basis and those that make sense on a per incident basis is very important. Some breaches can be measured by records lost. Others, like IP theft, cannot be measured in that way, so it’s important to take that into consideration, too. As a guide, I am using the breakout of loss magnitude provided by FAIR – primary and secondary losses – and the various categories within each. Also, when talking about the “cost” of a data breach, it’s important to recognize that a number of parties might have costs – the breached entity, business partners, customers, individuals, law enforcement (hence the public at large), shareholders, etc. So it also becomes a question of whose costs we are talking about.