Items Tagged with "breaches"


Vulnerability Scans too Disruptive to Conduct Regularly

July 12, 2012 Added by: Headlines

“Evidently, active vulnerability scanning can cause huge management headaches due to its disruptive nature and information overload, so scanners tend to be used primarily for ‘spot checks’ that aren’t effective at minimizing risks. Critical vulnerabilities have to be identified, prioritized, and remediated daily...”

Comments  (4)


Netherlands to Establish Mandatory Breach Notification

July 11, 2012 Added by: Matthijs R. Koot

In 2012, the Netherlands will establish mandatory breach notification for vital sectors, giving the government increasing sectoral intervention possibilities. This includes the authority to obtain information, administrative enforcement of designations and the authority to appoint an officer on behalf of the government...

Comments  (0)


Small Business Cyber Security: An Infographic

July 02, 2012 Added by: Fergal Glynn

Businesses often assume they are safe from cyber attacks because they are too small to be of interest to hackers, or mistakenly assume they have taken adequate measures to protect themselves. This infographic highlights the risks faced by small businesses and gives a few tips to help safeguard against attacks...

Comments  (0)


Two Northeast States Updated Breach Notification Statutes

June 27, 2012 Added by: David Navetta

Much time and ink has been spent on the steady stream of data security and breach-related bills that spring up in Congress like mushrooms after a rain. But recently Vermont and Connecticut updated their existing breach notification statutes, highlighting the need to monitor state legislatures...

Comments  (0)


Data Security: Spokeo in the News

June 23, 2012 Added by: Allan Pratt, MBA

“Spokeo, which compiles dossiers on consumers, agreed to pay $800,000 to settle allegations by the Federal Trade Commission that it sold personal information in violation of the law. From 2008 to 2010, Spokeo sold millions of consumer profiles to human resources departments and recruiters...”

Comments  (1)


Suing Our Way to Better Security?

June 21, 2012 Added by: Jayson Wylie

It does not seem like the top leaders at organizations are as concerned with others' information as they might be with the bottom line. If organizations do not respond to fear of embarrassment for failing at security, should we start taking them to court to formulate better consumer protections?

Comments  (7)


Disposal Dummies Cause Privacy and Security Problems

June 21, 2012 Added by: Rebecca Herold

Information disposal is now a legal requirement for basically all businesses of all sizes, and it simply makes sense to dispose of information securely as an effective way to prevent breaches. Having effective disposal policies, procedures and technologies in place demonstrates reasonable due diligence...

Comments  (1)


Tip of the Iceberg: 107,655 Cybersecurity Incidents in 2011

June 19, 2012 Added by: Joel Harding

Only a small percentage of companies will voluntarily share security information, and we cannot see systemic trends. What is needed is a level playing field for all. All corporations need to disclose cybersecurity incident data so we can get a comprehensive picture a systemic defense is possible...

Comments  (0)


Do You Really Need a CISO to Have Security?

June 17, 2012 Added by: Rafal Los

In the analysis of it, every organization needs to have someone responsible for the technology-based risk or security of the organization. Whether that's the Technology Manager, the CISO, or the "IT guy". I just want to see better security, more resiliency, and less technical risk....

Comments  (6)


Video: On the Recent Password Breaches

June 16, 2012

LinkedIn, LastFM and eHarmony all suffered major password database breaches recently. But really, with so many breaches happening, did anyone even notice?

Comments  (0)


Tripwire Examines the State of Risk-Based Security Management

June 14, 2012 Added by: Headlines

"Though organizations profess a commitment to RBSM... this security practice is still in its infancy. To establish an effective... program, certain barriers need to be addressed. These include securing adequate resources, having employees with the necessary expertise and designating strong leaders..."

Comments  (0)


The Failure Of PCI?

June 13, 2012 Added by: PCI Guru

The biggest problem with PCI DSS standards comes down to the fact that humans are averse to being measured or assessed. Why? It makes people responsible and accountable for what they do, and few people want that sort of accountability – we all much prefer wiggle room in how our jobs are assessed...

Comments  (1)


If I Told You, I'd Have to Kill You

June 11, 2012 Added by: Ed Bellis

All of these breaches present a great opportunity to learn what does and doesn’t work in information security. But when we get responses like the one posted by Last.FM not only do we not learn anything, we don’t have any reason to believe they have either...

Comments  (0)


Warner Bros, China Telecom and US Navy Hacks

June 05, 2012 Added by: Pierluigi Paganini

It seems that the company was aware of the principal vulnerabilities in their systems, and lack of patching opened the way to the exploit. The hackers discovered in the Warner Bros network a presentation, prepared by the Technical Operations department, for a security audit...

Comments  (0)


On the Recent Blizzard and Diablo 3 Account Compromises

May 29, 2012 Added by: Beau Woods

Gamers have gotten more savvy about giving away information which would allow someone else to access their account. But the attackers have adapted as well and use other ways of getting that information than by sending fake emails. Here are some of the more creative and sophisticated ways the thieves operate...

Comments  (2)


Small Merchant Data Security: Helping Them Help Themselves

May 17, 2012 Added by: Stacey Holleran

Many small merchants—whether selling online or brick-and-mortar, or both—don’t have the technological background to understand the steps necessary for protecting the cardholder information and other sensitive data that passes through (and may be stored in) their business systems...

Comments  (0)
