Items Tagged with "breaches"
May 17, 2012 Added by:Stacey Holleran
Many small merchants—whether selling online or brick-and-mortar, or both—don’t have the technological background to understand the steps necessary for protecting the cardholder information and other sensitive data that passes through (and may be stored in) their business systems...
May 15, 2012 Added by:Rebecca Herold
I know from my years as a systems analyst and maintaining a large change control system that it is easy for mistakes to occur within the network security architecture, and that there will always be some humans involved who are tempted to bypass important security controls...
May 10, 2012 Added by:Marc Quibell
Here's the problem - too many people have too much information about you, stored in or on who-knows-what, and who-knows-where. The risks of having your identity stolen and used are astronomical. All it requires is someone on the receiving end putting it all together...
May 10, 2012 Added by:Headlines
“NASA security officials detected an intrusion into the site on April 20... The agency takes the issue of IT security very seriously and at no point was sensitive or controlled information compromised. NASA has made significant progress to better protect the agency’s IT systems..."
May 08, 2012
Cyber attacks have increased significantly in number and sophistication resulting in the Federal Government and private sector partners expanding their cybersecurity efforts. US-CERT reported an over 650-percent increase in the number of incidents reported by federal agencies...
May 07, 2012 Added by:Rafal Los
To many organizations, a security breach means a catastrophic failure in security signifying a breakdown in the mechanisms installed to keep the organization secure, and by its very nature represents failure. The problem with this situation is it really represents two failures...
May 02, 2012 Added by:david barton
Credit card processors have valuable information that bad guys would love to get their hands on. So processors are the Fort Knox of the modern world. When bad guys are motivated, no amount of security can keep them out. Does that mean PCI-DSS standards are worthless?
May 01, 2012 Added by:Josh Shaul
Breaking into poorly protected government systems and revealing personal or financial information, stealing and posting lists of campaign donations, or corrupting electronic voting systems – these tactics are available to those with expertise and funding...
April 26, 2012 Added by:David Navetta
The attenuated nature of online relationships creates an opportunity for criminals to steal or spoof online identities and use them for monetary gain. The ability of one party to authenticate the identity of the other party in an online transaction is of key importance...
April 17, 2012 Added by:Alexander Rothacker
Once a patch to a vulnerability is released, the vendor should give as much guidance as possible to its customer base so that they can make an informed decision on how to mitigate — may it be a workaround, such as disabling some functionality, configuring compensating controls...
April 13, 2012 Added by:David Navetta
The latest CDBS study can be considered a bookend to Verizon’s annual DBIR. The two reports paint a data breach landscape that continues to change. For the first time in seven years, both the organizational cost of data breach and the cost per lost or stolen record have declined...
April 12, 2012 Added by:Neira Jones
The Verizon DBIR 2012 was released last month and I am sure you have seen a lot on the subject. With every report, statistics and opinions have to be put in the right context. The conclusions are not surprising, but there are a few nuggets in the report worth examining...
April 12, 2012 Added by:Rafal Los
You've heard us say for a while now that information security isn't about reaching some mythical state of 'secure' but rather a constant battle on the ever-changing front lines of your organization to minimize any damage that the evil hackers can do once they find an in...
April 11, 2012 Added by:Fergal Glynn
Companies that suffer a data breach lose more than just confidential information. Their reputation, productivity, and profitability can all be negatively impacted in the aftermath of even a single incident. The organization may face fines, civil or criminal prosecution...
April 01, 2012 Added by:Josh Shaul
At the end of the day, these reports are important. They provide much needed insight into at least some data breaches. But we have to accept that this isn't the U.S. Census. We must learn what we can from them without becoming hypnotized by the hype that can surround them...
March 28, 2012 Added by:Fergal Glynn
Eight-one percent of attacks utilized hacking. There was a stark difference between large and small organizations. SQL injection comes in 3rd after use of stolen logins and exploitation of backdoor or command and control channel. It is tied with dictionary attacks...