Blog Posts Tagged with "breaches"
Why Security Through Obscurity Still Does Not Work
May 15, 2012 Added by:Rebecca Herold
I know from my years as a systems analyst and maintaining a large change control system that it is easy for mistakes to occur within the network security architecture, and that there will always be some humans involved who are tempted to bypass important security controls...
Comments (0)
Where is My Information?!?!
May 11, 2012 Added by:Marc Quibell
Here's the problem - too many people have too much information about you, stored in or on who-knows-what, and who-knows-where. The risks of having your identity stolen and used are astronomical. All it requires is someone on the receiving end putting it all together...
Comments (0)
Space Agencies Confirm Network Intrusions
May 10, 2012 Added by:Headlines
“NASA security officials detected an intrusion into the site on April 20... The agency takes the issue of IT security very seriously and at no point was sensitive or controlled information compromised. NASA has made significant progress to better protect the agency’s IT systems..."
Comments (0)
Breached! Now What? Seven Steps to Avoid Failure Panic
May 08, 2012 Added by:Rafal Los
To many organizations, a security breach means a catastrophic failure in security signifying a breakdown in the mechanisms installed to keep the organization secure, and by its very nature represents failure. The problem with this situation is it really represents two failures...
Comments (1)
What Good is PCI-DSS?
May 03, 2012 Added by:david barton
Credit card processors have valuable information that bad guys would love to get their hands on. So processors are the Fort Knox of the modern world. When bad guys are motivated, no amount of security can keep them out. Does that mean PCI-DSS standards are worthless?
Comments (9)
Data (In)Security Will Impact Presidential Election Race
May 02, 2012 Added by:Josh Shaul
Breaking into poorly protected government systems and revealing personal or financial information, stealing and posting lists of campaign donations, or corrupting electronic voting systems – these tactics are available to those with expertise and funding...
Comments (0)
Duty to Authenticate Identity: Online Banking Breach Lawsuits
April 27, 2012 Added by:David Navetta
The attenuated nature of online relationships creates an opportunity for criminals to steal or spoof online identities and use them for monetary gain. The ability of one party to authenticate the identity of the other party in an online transaction is of key importance...
Comments (0)
Pain Comes Immediately – Secure Development Takes Time
April 17, 2012 Added by:Alexander Rothacker
Once a patch to a vulnerability is released, the vendor should give as much guidance as possible to its customer base so that they can make an informed decision on how to mitigate — may it be a workaround, such as disabling some functionality, configuring compensating controls...
Comments (0)
Data Breach Study Finds Breach Costs Have Fallen
April 13, 2012 Added by:David Navetta
The latest CDBS study can be considered a bookend to Verizon’s annual DBIR. The two reports paint a data breach landscape that continues to change. For the first time in seven years, both the organizational cost of data breach and the cost per lost or stolen record have declined...
Comments (0)
Verizon DBIR 2012: Some Context...
April 13, 2012 Added by:Neira Jones
The Verizon DBIR 2012 was released last month and I am sure you have seen a lot on the subject. With every report, statistics and opinions have to be put in the right context. The conclusions are not surprising, but there are a few nuggets in the report worth examining...
Comments (0)
On Data Breach Containment
April 12, 2012 Added by:Rafal Los
You've heard us say for a while now that information security isn't about reaching some mythical state of 'secure' but rather a constant battle on the ever-changing front lines of your organization to minimize any damage that the evil hackers can do once they find an in...
Comments (0)
Data Breach Definitions, Costs and Security
April 12, 2012 Added by:Fergal Glynn
Companies that suffer a data breach lose more than just confidential information. Their reputation, productivity, and profitability can all be negatively impacted in the aftermath of even a single incident. The organization may face fines, civil or criminal prosecution...
Comments (0)
It’s Data Breach Report Season: Beware Of Partial Truths
April 02, 2012 Added by:Josh Shaul
At the end of the day, these reports are important. They provide much needed insight into at least some data breaches. But we have to accept that this isn't the U.S. Census. We must learn what we can from them without becoming hypnotized by the hype that can surround them...
Comments (1)
Verizon Breach Report – Application Security Specific Highlights
March 29, 2012 Added by:Fergal Glynn
Eight-one percent of attacks utilized hacking. There was a stark difference between large and small organizations. SQL injection comes in 3rd after use of stolen logins and exploitation of backdoor or command and control channel. It is tied with dictionary attacks...
Comments (0)
Average Cost of a Data Breach $5.5 Million in 2011
March 23, 2012 Added by:Headlines
“Insiders continue to pose a serious threat to the security of their organizations. This is particularly true as the increasing adoption of tablets, smart phones and cloud applications in the workplace means that employees are able to access corporate information anywhere..."
Comments (0)
Cyber Attacks are Fastest Growing National Security Threat
March 23, 2012 Added by:Bill Gerneglia
Cybercrime is a relatively new phenomenon but because of its recent scale and game-changing implications for both government and industry it is rapidly becoming the dominant risk theme of the 21st century. The opportunity for cyber attacks grows daily...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR