May 23, 2012 Added by:Danny Lieberman
If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”
May 17, 2012 Added by:Stacey Holleran
Many small merchants—whether selling online or brick-and-mortar, or both—don’t have the technological background to understand the steps necessary for protecting the cardholder information and other sensitive data that passes through (and may be stored in) their business systems...
May 14, 2012 Added by:Electronic Frontier Foundation
In India, a massive effort is underway to collect biometric identity information for each of the country’s 1.2 billion people. The incredible plan has stirred controversy in India and beyond, raising serious concerns about the security of individuals’ personal data...
May 13, 2012 Added by:Jayson Wylie
There is a reason the security world refers to exploitation on the Internet to activity ‘in the wild’. A comparison can be made to the lawless, tough and unforgiving world of the Wild West in American history. You can get your stuffz or scalp taken...
May 10, 2012 Added by:Marc Quibell
Here's the problem - too many people have too much information about you, stored in or on who-knows-what, and who-knows-where. The risks of having your identity stolen and used are astronomical. All it requires is someone on the receiving end putting it all together...
May 08, 2012 Added by:Rebecca Herold
Even though it sounds complicated there are many good methods you can use to accomplish de-identification. The great thing is, under many legal constructs de-identification is an acceptable way to use personal information for purposes beyond which the personal data was collected...
April 26, 2012 Added by:Simon Heron
The security of data in use is about risk mitigation. However, with the current targeted attacks and the proliferation of zero day threats, the risk level is high. It is necessary that action is taken to implement the required precautions that reduce the risk to an acceptable level...
April 23, 2012 Added by:Alexander Rothacker
It’s mid-April, so it’s Oracle CPU fallout time again. This CPU contains 88 fixes. Thirty-three in this CPU are for vulnerabilities that are remotely exploitable without authentication. In other words, anybody on the network can exploit these vulnerabilities...
April 17, 2012 Added by:Alexander Rothacker
Once a patch to a vulnerability is released, the vendor should give as much guidance as possible to its customer base so that they can make an informed decision on how to mitigate — may it be a workaround, such as disabling some functionality, configuring compensating controls...
April 11, 2012 Added by:Electronic Frontier Foundation
Does the government have a responsibility to protect innocent third parties from collateral damage when it seizes their property in the course of prosecuting alleged copyright infringement? That is the question a federal district court will consider...
April 05, 2012 Added by:Danny Lieberman
It doesn’t matter how they break into your network or servers – if attackers can’t take out your data, you’ve mitigated the threat. This paper reviews the taxonomies of advanced content flow monitoring that is used to audit activity and protect data inside the network...
April 05, 2012 Added by:Headlines
By improving our ability to extract knowledge and insights from large and complex collections of digital data, the initiative promises to help accelerate the pace of discovery in science and engineering, strengthen our national security, and transform teaching and learning...
April 02, 2012 Added by:Christopher Rodgers
Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...
April 01, 2012 Added by:Josh Shaul
At the end of the day, these reports are important. They provide much needed insight into at least some data breaches. But we have to accept that this isn't the U.S. Census. We must learn what we can from them without becoming hypnotized by the hype that can surround them...
March 22, 2012 Added by:David Navetta
The proliferation of comprehensive data privacy laws, more or less on the European model, increasingly requires US-based multinationals and online companies to adapt to strict requirements for dealing with individuals in other countries...
March 14, 2012 Added by:PCI Guru
Most attacks are perpetrated inside the perimeter, so protection from an inside attack is important. Once an attacker is on the inside, it is easy to use SQL injection or other techniques to obtain data. Organizations are just beginning to understand the insider threat...
Hacker to Release Symantec's PCAnywhere Sour... Kajal Singh on 04-21-2015
Financial Malware Fell in 2014 As Takedown O... Kajal Singh on 04-21-2015
Weaknesses in Air Traffic Control Systems ar... Kajal Singh on 04-21-2015