Browsing Category: Compliance

It can be hard to parse the results of the Verizon Data Breach Investigation Report (DBIR), what with the shifts from year to year in the sources of breach data collected. Last year’s report, if you recall, found a stunning drop in incidents of data theft in 2010, even as tracking sites like Datalossdb.org reported no noticeable change that year.Frankly, it’s hard to read the DBIR and not have the term “sample bias” float into your head time and again. But the DBIR report has always been a good way to understand the security Zeitgeist, and this year’s report is no different, with more normal-seeming results and a focus on the actions of ideologically motivated hacking groups which, Verizon claims, were linked to 58% of all the data stolen from customers in 2011.

Read more...

VIEW SLIDESHOW: Weird Science: 10 Forms of Biometric Authentication In the past twenty years, we’ve gone from using amber-tinted dumb terminals connected to refrigerator-sized mainframe computers to sleek tablet computers and smart phones tucked into our pockets. Despite those changes, one technology has stubbornly persisted: passwords. Indeed, the explosion in computing devices and Web-based services has made us more dependent on passwords than ever.

Read more...

by B.K. DeLongWikileaks’ decision this week to post the first of five million emails from Texas-based strategic intelligence firm Stratfor shone a spotlight on what experts say is a serious and growing problem: lax data, network and physical security at third party vendors and service providers.  But organizations that think they can wash their hands of the security mess caused by business partners and contractors may be in for a rude awakening.

Read more...

Right on cue this week, the anarchic hacking collective Anonymous stepped up and grabbed the story line away from the lions of the IT security industry.With the annual RSA Conference set to begin, the whistle blowing site Wikileaks released the first of some five million e-mail messages stolen from the security intelligence firm Stratfor. Ever sensitive to the fickle attention of the media, Anonymous inserted itself into the story, claiming responsibility for leaking the data and pointing a finger of blame at Stratfor and its media, private and public sector customers, which Anonymous accuses of spying and other dark offenses.

Read more...