Security Awareness
From the Web
Some Possible Insights into Geo-Economics of Security
July 21, 2010 from: Rsnake's blog at ha.ckers.org
Buying a certificate to allow for transport security is a good idea if you’re worried about man in the middle attacks. But when you’re in another country where the cost of running your website is a significant investment compared to the United States, suddenly the fees associated with the risks are totally lopsided...
Comments (0)
From the Web
Effectiveness of User Training… and Security Products in General
March 17, 2010 from: Rsnake's blog at ha.ckers.org
It’s not every day I come across real wisdom in research but I saw a link yesterday to So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users which is a research paper written by one of the guys at Microsoft. There are some amazingly choice quotes in there, like
Comments (0)
From the Web
Relationships with Foreign Business Partners
March 15, 2010 from: Greg George
As business leaders continue to reach out and embrace global opportunities, the ability to recognize and mitigate operational threats is paramount....a recent memorandum discusses 28 countries having serious deficiencies in their strategies for countering money laundering and financial terrorist activities
Comments (0)
From the Web
Analyst Study Shows Employees Continue to Put Data at Risk
March 10, 2010 from: Office of Inadequate Security
...the results from the annual "Human Factor in Laptop Encryption" study performed by Absolute Software and the Ponemon Institute reveal some very interesting metrics about the use/adoption of encryption software and the risk posed to businesses from the loss of unencrypted media.
Comments (1)
From the Web
Even Einstein Can’t Track Google’s “Script Kiddie” Hackers
March 09, 2010 from: AEON Security Blog
News surrounding the attacks at Google and other companies are a dime a dozen and, while we have not seen any evidence publicly disclosed, we too can speculate along with everyone else. My first thoughts surrounding the news of the attack led me to believe that the compromise may have been an inside job.
Comments (4)
From the Web
A rise in cyber attacks by one third saw 100 per cent of enterprises experience cyber losses in 2009
February 25, 2010 from: Saumil's Infosec Blog
According to Symantec's 2010 State of Enterprise Security study, 75 per cent of enterprises experienced cyber attacks in the last 12 months and 36 per cent rated the attacks somewhat/highly effective. Also, there was a 29 per cent rise in reported attacks in the last 12 months.
Comments (0)
From the Web
Cyberattack simulation highlights vulnerabilities
February 20, 2010 from: Saumil's Infosec Blog
Imagine that a widely downloaded, malicious smart phone application has triggered a national security crisis and brought the country’s telecommunications and electronic infrastructure to a standstill. This scenario was only make-believe: the East Coast still has power and Midwestern factories are functioning. But the threats from cyber exploits against the national and economic security of t...
Comments (1)
From the Web
Forget Blaming Microsoft or Google – Blame Yourself
January 22, 2010 from: AEON Security Blog
People from all walks of life including influential decision makers are quickly firing off ye ole “Blame Microsoft” rants this week after another debacle involving Google and China. The debacle involved so-called State Sponsored (from China) “hacktivities” to compromise Gmail accounts. The attacks were – as we’re told – targeted towards Internet Explorer v...
Comments (2)
From the Web
Taken to the Cleaners
January 20, 2010 from: Office of Inadequate Security
Earlier this month, CSO reported on a worldwide recall on several hardware-encrypted USB sticks from multiple vendors because they contain a flaw which could allow hackers to easily gain access to the sensitive information contained on the device. With the quality of security questionable in many USB drives, it would stand to reason that losing any stick carrying sensitive information now carries ...
Comments (0)
From the Web
Cybercrooks stalk small businesses that bank online
January 03, 2010 from: Office of Inadequate Security
A rising swarm of cyber-robberies targeting small firms, local governments, school districts, churches and non-profits has prompted an extraordinary warning. The American Bankers Association and the FBI are advising small and midsize businesses that conduct financial transactions over the Internet to dedicate a separate PC used exclusively for online banking.
Comments (0)
From the Web
Malware rebounds as cause of data loss
December 04, 2009 from: Office of Inadequate Security
The 2009 CSI Computer Crime and Security survey identified a number of shifts in significant cybersecurity threats this year. Malware infections jumped to 64% from 50%, reversing a dip in the number of companies experiencing malware infections that started in 2005. That year, the figure was 74%.
Comments (0)
From the Web
If DOD can do this, why can’t they manage to remove SSNs?
December 03, 2009 from: Office of Inadequate Security
The Defense Department will not meet its end-of-the-year deadline for removing Social Security numbers from military ID cards as they are issued or renewed, the Pentagon has confirmed.
Comments (0)
From the Web
Forty-one percent of workers have stolen corporate data – survey
November 23, 2009 from: Office of Inadequate Security
Stealing employer data has become endemic in our culture. According to a survey conducted with 300 office workers in New York City examining the impact of the recession on ethics and security, 85 percent of the respondents admitted to knowing that downloading corporate information from their employer was illegal, yet a quarter of those surveyed would take the data regardless of the penalties.
Comments (0)
From the Web
Senate Panel Clears Data Breach Bills
November 05, 2009 from: Office of Inadequate Security
The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration.
Comments (0)
From the Web
MA: Williams College laptop stolen; 750 notified
November 05, 2009 from: Office of Inadequate Security
Williams College in Williamstown reports a recent laptop theft. The laptop, which was stolen when an employee left it in a parked car in Boston on October 3, contained the names and Social Security numbers of 750 individuals from 39 states and several foreign countries.
Comments (0)
From the Web
Report: Data Breaches Hike Fraud Risk 400%
November 02, 2009 from: Office of Inadequate Security
Because data breaches have become such commonplace incidents, there is concern that people have become desensitized to the potential harm they face upon receiving a notification letter from an organization informing them that sensitive information has been lost or misappropriated.
Comments (0)
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers
- NSA Surveillance Is Legal And Not Targeting Average Americans, Says Texas A&M Professor