Once a predator uses your Internet connection to go to into the bowels of the web, your Internet Protocol address, which is connected to your ISP billing address, is now considered one that is owned by a criminal. If law enforcement happens to be chatting with that person, who’s using your Internet connection to trade lurid porn, then someone may eventually knock on your door at 3 AM with a battering ram. And in freakish and relatively new twist, hackers can use a virus to crack your network and gain remote control access, and then store illicit porn on your hard drive.
The question is not lack of process but whether or not security is being used to help enforce business process in the relevant areas of product safety, customer service, employee workplace security and information protection in business-to-business relationships.
These new regulations come at a time when healthcare breaches are on the rise; according to the 2009 ITRC Breach Stats Report healthcare breaches account for over 66 percent of all records breached this year, up from 20 percent in 2008. In fact, some of the largest names in healthcare suffered data breaches.
Congress is still considering the Informed P2P User Act, a law that would supposedly make it safer to use peer-to-peer file sharing software, an effort that is similar to banning mosquitoes from sucking blood. It just isn’t happening…
Every organization has some form of Information Security Risk Assessment - some perform a formal risk assessment, others simply use their practical experience. There aren’t that many tools that assist the organization in performing risk assessment. The most widely used one is Excel, but it is far from a good choice.
Hackers are spreading their operational bases further around the world, according to threat analysis from managed security firm, Network Box. Not only should we all be wary about what links we click on in emails, social networking sites and IM, but we should examine what data we put online.
The notion that social media sites are little more than a trendy consumer oriented technology is misguided. Most business activities have legal ramifications and social media is no exception., and legal issues can arise when an organization does not adequately address social media with company policy.
Identity theft is preventable. As with any other crime, the risk will always be there. But there are many things people can do to minimize that risk, both online and offline. The National Foundation for Credit Counselors, which sponsors Protect Your Identity Week, has compiled a number of identity theft myths.
There are four pillars to the cyber war realm: intelligence, technology, logistics, and command. By understanding these factors IT security practitioners can gauge the threat to their own organization from cyber war and perhaps take steps to prepare for either direct attacks or the fallout from an outbreak of cyber hostilities between nations.
A Rhode Island Hospital was fined $150,000 after a surgeon operated on the wrong finger of a patient, and now the hospital must install video cameras in all of its operating rooms. Of course video surveillance will not PREVENT such incidents from happening, but knowing such recordings are being made will likely make surgeons much more careful…
The short answer for persons leaving a company is to be very careful and to have a very clear understanding with the employer about what can and cannot be taken. The increasing involvement of government authorities in enforcing remedies involving trade secrets certainly signals a new level of risk for those who may be considering taking or copying trade secrets.
Symantec isn’t the only company to forecast improved enterprise IT spending based on quarterly results in the past few weeks; executives at EMC, IBM, and Intel all spoke positively about IT budgets rebounding in the coming months.
A man who wore women's clothing to use his dead wife's gym membership has appeared in a Hong Kong court
Lau Siu-wah, 51, was charged after he allegedly used his wife's identification card to exercise in the female-only section of the gym at the city's Sheraton hotel, The Standard daily reported.
To be honest I can't see a problem, I'm sure they only got suspicious because he was in all female gym, and they probably thought he was a transexual, in which case he should have been allowed to stay, and as for his wife's ID, well he might as well use it until it runs out of date, no point wasting a perfectly good gym card.
With the threat of aftershocks in the US Stock market, continued bank closings and takeovers by the FDIC, serious consideration needs to be given to changing the current reporting, auditing and oversight regulations, and the public needs to pressure elected officials into action before our entire country is taken off financial life support.
In terms of speed, Retina performed much faster. In terms of scan depth, Nessus has a small advantage, since it includes a web mirroring tool that is very helpful in HTTP. In a direct comparison, Nessus wins simply because Retina manifested erroneous results on repeat scans.
Regardless of what you feel should or should not be private, we all have a right to set expectations that we trust will be met. And as technologists, we have the capability to improve the state of privacy in the face of technological advances that might otherwise undermine it. Privacy is not an Illusion, it is a challenge.
This is the first cogent look at the efficacy of waging strategic cyber war and I hope will serve to slow the rhetoric coming from the US Defense community about acquiring cyber offensive capability: “Can cyberattacks disarm cyberattackers? In a world of cheap computing, ubiquitous networking, and hackers who could be anywhere, the answer is no.”
Forget about vampires, ghouls and zombies. You were much more likely to receive a fright this year from something lurking in your e-mail. There were the usual crop of Trojan horses and phishing expeditions, and as the surprising list points out, some of the scares go all the way up to White House and the FBI.
This report should be heeded by those banks, health care organizations, government agencies, insurance companies and others that we entrust with our social security and checking account numbers, birth dates and mothers’ maiden names, and in some cases our personal health information.
I recently saw an article entitled Compliance is the New Security Standard. The basic thesis of the blog post was that since companies have to spend money on compliance, they might as well spend the money once and rename the effort “security”. This is an interesting notion – although perhaps “placebo security” might be a cheaper approach. Compliance is not equivalent to security for several fundamental reasons…
