DETROIT – So who has not been watching the Olympics? As a security professional, is there something that you notice conspicuously missing? Well? That’s right, a significant lack of news related to any type of incidents arising from terrorism, or other endangerment to either participants or attendees. This is a very good thing. Usually security is at it’s best when it is invisible.

The only real exception to that was an event that happened in a tourist venue during the first few days of the opening of the events. Todd Bachman of Minneapolis is dead and his wife, Barbara, has been injured after both were stabbed in the trendy Ho Hai section of Beijing. The attacker later killed himself by leaping from the tower. The Bachmans were parents of a previous Olympic athlete.

As we know, not all previous Olympics went so smoothly – Munich in 1972 being particularly catastrophic. The methods by which the Beijing Olympics were held so flawlessly are many, and are by no means happenstance. To learn more about it, you can go to an official website for Olympic security Bajayab.CN Just make sure you click on the english button at the top right, unless of course you can read chinese. Oh, and don’t expect anything too current here, as news on this site has not been updated since 2007. But because they have been working on various aspects of this project since 2002, it still provides some interesting reading for those that want to know what went into making the Olympics safe.

Despite the perfect face put on for the world during China’s participation as the host of the Olympic games, negative events from a security perspective have occurred. The non-realization of the human rights communities expectation of several protests of the deplorable human rights practices of the Chinese government was one non-event. Of course, recent publicity surrounding a couple of senior age women that formally requested access to the official protest area that was made available to the public during the Olympics, and their subsequent persecution, including confiscation of their property and imprisonment, might provide some explanation of why so few people took the Chinese up on their offer to peacefully protest.

There is also the matter of bogus tickets sold to people wishing to attend Olympic events. Large numbers of these counterfeit tickets were sold, happy attendees invested in pricey air fare to Beijing, hotel accommodations were made, travel to the venue’s arranged, just to be told at arrival at the gate that the hopeful attendee was holding a bogus ticket. Now wouldn’t that make your day? The only real losers here of course were the people left holding the tickets. The airlines, hotels and everyone else in the cash chain, including the perpetrators of the bogus tickets were all revenue enhanced. We like dead languages in the US – I bet you know what Caveat Emptor means. It definitely applies in the security world.

In another week or so, with a hopefully uneventful conclusion to the Olympic games, the world’s attention will return once more to the day to day activities that keep us occupied during the 4 years between these brief spurts of incredible athletic achievement. When that happens, I have a couple of questions that maybe some readers can help me out with.

Question one – When will people realize that encrypting laptops is not optional if you have any type of sensitive data on it? July 11, 2008 was the date of yet one more laptop theft (12 actually from the same SC location) that contained personal information on over 9,000 employees. To protect the incompetent, I won’t name names, but the articles are easy enough to find on the internet. How many more of these incidents do there have to be? This is like kids and seat belts – if you have one, you need the other. That simple. I would even extend that to desktops, as they are targets as well. Particularly if you believe what you hear about employee use of Bit Torrent these days. If the data should not be shared, let’s not share it, eh?

Question two – When is Todd Davis going down? The President of Lifelock, a personal identity protection service, uses his social security number in all his advertising, basically saying to the entire black hat community – come get me if you can. While I appreciate his nads for taking this direct of an approach, and am guessing that it is probably quite effective in gaining new sales, I am also waiting the inevitability of a weakness in the system causing Goliath to tumble. What say you – am I concerned for nothing, or are you to waiting to see what happens as well?

Question three – How exactly does insurance for data theft work when it comes to culpability? Premier Insurance Management Services is now offering “data privacy and network risk liability” insurance for healthcare data breaches to help defray the expenses related to crisis management, public relations, customer notification, expenses, government fines and penalties resulting from a data breach. Now if I insure my home, am a smoker and leave an open can of gas in the kitchen while I am cooking dinner (and smoking), does my homeowners policy cover me when I burn my hand, drop my cigarette and the kitchen goes up in flames? Probably not. So what data breaches DON’T they cover? Do I need the equivalent of flood insurance for some instances? If an employee steals data, does that equate to arson? This is a brave new frontier that is now being explored. If you are in the health care industry, are you considering a plan like this? Are you worried that because most breaches can be prevented, that you will not be awarded damages if you do have to file a claim?

This column was written by Hans Erickson, communications officer for Michigan InfraGard and CIO of the Detroit Regional Chamber. If you have news or column ideas for Hans, email [email protected]

a>>