Data Breach Cost Heartland Millions
By · CommentsHeartland Payment Systems security breach contributed reported Q1 earnings revealing a $2.5 million loss where the data breach accounted for $12.6 million. A large fine levied by MasterCard accounted for most of these costs. CEO Bob Carr said the company’s work to address post-breach fallout was a costly diversion and they are implenting a costly end-to-end encryption system to help prevent future breaches. Click here to read the entire article from Associated Press.
How Thieves Physically Steal Your Data!
By · CommentsBasically, the theft of sensitive information from companies can happen in two ways: physical data breaches or online breaches of security. Physical identity theft refers to cases where the identity thief needs to get in close to their targets or to the information they are trying to obtain. These sorts of identity theft efforts include dumpster diving to search for documents which contain information such as account numbers, social security card or credit card numbers, addresses and like. Basically, any information which contains personally identifying information on a customer, vendor or employee is of use to identity thieves. Mail may be stolen or thieves may pose as company representatives over the phone in an effort to extract information from unwary employees.
Here are top fifteen ways in which corporate information is stolen by physical means: Read More→
Swine Flu and Computer Viruses
By · CommentsAs the world is in fear of the Swine flu virus writers and spam sources are taking advantage of this opportunity to infect computers as well. 2% of all spam currently is related to Swine Flu, generating internet congestion on email providers. Part of what makes a virus writer successful in delivering attacks and establishing avenues of propagation is feeding on current fears and enticing users to open up emails or web links believing they are legitimate information sources. Successful cyber attacks are as much as a technical feat as well as understanding the psychology of potential victims.
Red Flag Expert Interview
By · CommentsI am preparing to interview two Red Flag Rule experts about how companies comply to this new FTC mandate that goes into effect in May ‘09.
If you have any specific questions you would like me to ask, please click here to submit your questions.
Passwords Don’t Have To Threaten Business Security
By · CommentsThe emergence of the World Wide Web as a global, around the clock marketplace has opened a multitude of new opportunities to businesses which have never before been seen. Computers and global communication networks have brought vendors, customers and markets together in new and beneficial ways. Along with all of the benefits which business has gained from the information age come some downsides. New crimes have not been created by new technology, but rather new technology has given new tools to criminals to commit the same crimes as they always have. The difference is that criminals now have a global reach, just as businesses do. In the U.S. at least, the responsibility for protecting consumers from having their personal information pilfered is placed upon businesses.
Cutting Information Security in Hard Times is Dangerous
By · CommentsAlthough some analysts actually expect security spending to rise this year — at least as a percentage of total IT spending — some CIOs are giving serious thought to the once-unthinkable idea of trimming security budgets as businesses look to cut costs during this global recession. Before you start trimming here are five points to consider.
The risk of cutting security is that a security breach can be disastrous. The Ponemon Institute pegs the average cost of a data breach at $6.7 million.
When implementing a security solution, here are five areas to consider before investing:
Shameless Pitch for Password Security
By · CommentsI am posting our video pitch for Power LogOn. While you might think I am only self promoting I actually what viewers to understand why password management is so important, and what better person to make the case they a pretty woman.
Employees Cause Data Security Breaches – Not Malware
By · CommentsWhen business owners look around their office and see how sensitive documents are handled it is no wonder that the weakest security link is the employee. But it is not always the employee’s fault since they have never been trained or given the security tools to protect data.
A Symantec report says that most breaches at small to midsize businesses are caused by people, not malware. Click here to read the entire article.
Look at all the four vulnerability point: Building – Employee – PC – Network and start implementing training, policies and solutions that are inexpensive and work.
PIN Crackers
By · CommentsWe all know what a PIN is (Personal Identification Number). When one uses only a PIN to authenticate a user it is refered to as single-factor authentication (something you know) which is the weakest of all authentications for network security. Today’s security standards now require at least tw0-factors (something you have and something you know). The best is security to protect against identity theft is a PIN protected, smartcard-based, password manager which offers double-two factor authentication.
Reader what Kim Zetter of Wired Magazine writes on how hackers have crossed into new frontiers by devising sophisticated ways to steal large amounts of personal identification numbers, or PINs, protecting credit and debit cards. Click here to read the entire Wired article.
Cyber Attacks on the Grid
By · CommentsHere is a recent article on the threat of cyberspies and cyberterrorism. While the news like to publish these big articles, smaller businesses are just as much at risk. While anti-virus programs are needed, some attackers are breaking in due to weak passwords and poor password management by employees. That is why the government in many security directives is strongly suggesting two-factor authentication. Look into adding a smartcard based password manager as another tool to protect your networks.
