Items Tagged with "breaches"


69dafe8b58066478aea48f3d0f384820

Vulnerability Scans too Disruptive to Conduct Regularly

July 12, 2012 Added by:Headlines

“Evidently, active vulnerability scanning can cause huge management headaches due to its disruptive nature and information overload, so scanners tend to be used primarily for ‘spot checks’ that aren’t effective at minimizing risks. Critical vulnerabilities have to be identified, prioritized, and remediated daily..."

Comments  (4)

C4363f41d25c216c53c8d71a1ac44a90

Netherlands to Establish Mandatory Breach Notification

July 11, 2012 Added by:Matthijs R. Koot

In 2012, Netherlands will establish mandatory breach notification for vital sectors, giving the government increasing sectoral intervention possibilities. This includes the authority to obtain information, administrative enforcement of designations and the authority to appoint an officer on behalf of the government...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Small Business Cyber Security: An Infographic

July 02, 2012 Added by:Fergal Glynn

Businesses often assume they are safe from cyber attacks because they are too small to be of interest to hackers, or mistakenly assume they have taken adequate measures to protect themselves. This infographic highlights the risks faced by small businesses and gives a few tips to help safeguard against attacks...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Two Northeast States Updated Breach Notification Statutes

June 27, 2012 Added by:David Navetta

Much time and ink has been spent on the steady stream of data security and breach-related bills that spring up in Congress like mushrooms after a rain. But recently Vermont and Connecticut updated their existing breach notification statutes, highlighting the need to monitor state legislatures...

Comments  (0)

5e402abc3fedaf8927900f014ccc031f

Data Security: Spokeo in the News

June 23, 2012 Added by:Allan Pratt, MBA

“Spokeo, which compiles dossiers on consumers, agreed to pay $800,000 to settle allegations by the Federal Trade Commission that it sold personal information in violation of the law. From 2008 to 2010, Spokeo sold millions of consumer profiles to human resources departments and recruiters..."

Comments  (1)

54a9b7b662bfb0f0445d1661d7ed180b

Suing Our Way to Better Security?

June 21, 2012 Added by:Jayson Wylie

It does not seem like the top leaders at organizations are as concerned with others' information as they might be with the bottom line. If organizations do not respond to fear of embarrassment for failing at security, should we start taking them to court to formulate better consumer protections?

Comments  (7)

65be44ae7088566069cc3bef454174a7

Disposal Dummies Cause Privacy and Security Problems

June 21, 2012 Added by:Rebecca Herold

Information disposal is now a legal requirement for basically all businesses of all sizes, and it simply makes sense to dispose of information securely as an effective way to prevent breaches. Having effective disposal policies, procedures and technologies in place demonstrates reasonable due diligence...

Comments  (1)

94ae16c30d35ee7345f3235dfb11113c

Tip of the Iceberg: 107,655 Cybersecurity Incidents in 2011

June 19, 2012 Added by:Joel Harding

Only a small percentage of companies will voluntarily share security information, and we can not see systemic trends. What is needed is a level playing field for all. All corporations need to disclose cybersecurity incident data so we can get a comprehensive picture a systemic defense is possible...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Do You Really Need a CISO to Have Security?

June 17, 2012 Added by:Rafal Los

In the analysis of it, every organization needs to have someone responsible for the technology-based risk or security of the organization. Whether that's the Technology Manager, the CISO, or the "IT guy". I just want to see better security, more resiliency, and less technical risk....

Comments  (6)

99edc1997453f90eb5ac1430fd9a7c61

Video: On the Recent Password Breaches

June 16, 2012

LinkedIn, LastFM and eHarmony all suffered major password database breaches recently. But really, with so many breaches happening, did anyone even notice?

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Tripwire Examines the State of Risk-Based Security Management

June 14, 2012 Added by:Headlines

"Though organizations profess a commitment to RBSM... this security practice is still in its infancy. To establish an effective... program, certain barriers need to be addressed. These include securing adequate resources, having employees with the necessary expertise and designating strong leaders..."

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

The Failure Of PCI?

June 13, 2012 Added by:PCI Guru

The biggest problem with PCI DSS standards comes down to the fact that humans are averse to being measured or assessed. Why? It makes people responsible and accountable for what they do, and few people want that sort of accountability – we all much prefer wiggle room in how our jobs are assessed...

Comments  (1)

48f758be63686a73484a7380e94f73d0

If I Told You, I'd Have to Kill You

June 11, 2012 Added by:Ed Bellis

All of these breaches present a great opportunity to learn what does and doesn’t work in information security. But when we get responses like the one posted by Last.FM not only do we not learn anything, we don’t have any reason to believe they have either...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Warner Bros, China Telecom and US Navy Hacks

June 05, 2012 Added by:Pierluigi Paganini

It seems that the company was aware of the principal vulnerabilities in their systems, and lack of patching opened the way to the exploit. The hackers discovered in the Warner Bros network a presentation, prepared by the Technical Operations department, for a security audit...

Comments  (0)

B9d9352326e5421a02e698a51d10ad2c

On the Recent Blizzard and Diablo 3 Account Compromises

May 29, 2012 Added by:Beau Woods

Gamers have gotten more savvy about giving away information which would allow someone else to access their account. But the attackers have adapted as well and use other ways of getting that information than by sending fake emails. Here are some of the more creative and sophisticated ways the thieves operate...

Comments  (2)

145dfdfe39f987b240313956a81652d1

Small Merchant Data Security: Helping Them Help Themselves

May 17, 2012 Added by:Stacey Holleran

Many small merchants—whether selling online or brick-and-mortar, or both—don’t have the technological background to understand the steps necessary for protecting the cardholder information and other sensitive data that passes through (and may be stored in) their business systems...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »