tagged w/ ISR
-
This is the first part of my Black Hat interview with Andrew D. Hayter, Anti-Malcode Program Manager for ICSA Labs. In this installment, Mr. Hayter highlights the challenges businesses face in mitigating malware-related risks.
-
-
ANSI Identity Theft Standards Panel webinar “Lessons from the Data Breach at Heartland” by Bob Carr, CEO of Heartland Payment Systems; Carnegie Mellon University Software Engineering Institute Insider Threat Workshop; U.S. Department of Homeland Security Critical Infrastructure and Key Resources; ISAlliance/NIST/DHS VoIP & Unified Communications Automated Security and Assurance Project; IT Sector Coordinating Council Protective Programs and Research and Development (PPRD)…
-
-
Greg Schaffer, Assistant Secretary for CyberSecurity & Communications for the US Department of Homeland Security, sees Trusted Internet Connections, EINSTEIN, and front line defense of the nation’s networks as top cybersecurity priorities for the department.
-
-
Here we focus on methods which are developed and learned based on our organizational and individual philosophy, and how that philosophy is emboldened by strong character leadership, which in turn influences our perception and understanding of the climate on the ground, and directly affects the decisions and actions we take in a given situation.
-
-
QSA’s (auditors) policing the PCI-DSS (credit card data security standards) need to adjust their mindset when auditing virtualized card processing infrastructure…
-
-
Any organization should have a simple and brief procedure to treat information carriers for systems that are to be discarded. All that hardware contains a lot of confidential information, and it is essential that such data is properly erased so it cannot be recovered. Here is a brief summary of the crucial information disposal procedure elements.
-
-
With the perspective of six years of data breaches, the rise of cyber crime, phishing, identity theft, and information warfare - it seems laughable that the big issue of employees bringing malware infested laptops into the office spawned so many companies.
-
-
Please respond directly to DHS via the contacts below if you have any relevant information: The Station Fire in northern Los Angeles County, CA is threatening the Mount Wilson Communications Facility. Some other facilities determined to be of significant critical infrastructure and key resources (CIKR) are the NASA Jet Propulsion Lab, Mount Lukens and Mount Disappointment Communications Facilities, 33Kv, 220Kv power lines, and Gould power substation. The National Coordinating Center (NCC) needs input from its NCS partners regarding anticipated impacts to Federal communications systems and assets.
-
-
Safety online is a controversial issue, one that is debated to death with little results that the average person can use without an advanced IT qualification. Here are my four simple rules for improving internet safety:
-
-
Currently, people rely on obscurity to keep their data safe. But with progressively more intelligent search engines available that can churn through vast amounts of data and make sense of it – even your email – security is something that needs to be addressed.
-
-
In recent years, the number of reported data breaches at healthcare organizations has soared, despite laws requiring the groups to protect patient information. In May, a hacker stole more than 500,000 patient records from a state-run database that tracks drug prescriptions in Virginia — and then demanded a ransom to return the information.
-
-
Radisson Hotels & Resorts has posted an open letter to its guests, informing them of a recent data breach but offering little additional information. The data that was accessed includes guests’ names and their credit card or debit card number and expiration date.
-
-
Any business, of any size, in any industry, in any location, is a possible target for PII theft and cybercrime if they possess any type of employee, customer or other consumer PII. Most businesses have PII. All businesses with PII need to make sure they provide due diligence to protect that PII.
-
-
Spoiler alert: There isn’t an effective identity theft protection product. Typically, a company claiming to be an identity theft protection company will provide one or all of these services: access to credit reports, credit monitoring, and database monitoring. Unfortunately, these services cause security problems themselves.
-
-
This week in San Diego, CA the US Navy held the initial planning conference for Trident Warrior ‘10. The Trident Warrior series is the premier annual FORCEnet Sea Trial Event sponsored by Naval Network Warfare Command (NETWARCOM). FORCEnet’s experimental results are incorporated into a definitive technical report used to develop Military Utility Assessment (MUA) recommendations.
-
-
Identity theft is “America’s fastest growing problem” according to a statement made by the Federal Bureau of Investigation. The Federal Trade Commission (FTC) estimates 10 million Americans are affected each year. Knowing how to protect yourself is vitally important to avoid becoming a victim. The following are arenas where thieves prey:
-
-
Twitter used to manage botnet; Nasty malware attack targets web developers; Obama site only offers malware; Exploding iPhone/iPods; Old-school virus threatens Delphi files; Attacks may come from inside computers; Study warns of cyberwarfare during military conflicts; Russian hackers stole US IDs for Georgian attacks…
-
-
I was forced to smile at the irony of the situation when I shared the discovery with my co-author. Here is a book created to lead businesses and security professionals in the “how-to” of preserving their intellectual property – and it’s already on the P2P networks. These networks exist so individuals can illegally download the creative thoughts of others without having to provide any compensation.
-
-
Leaders must be constantly learning and evolving to meet the changing, conventional and unconventional threats we face. Leadership is the main component for ensuring a fluid decision making cycle. Leadership must reduce the friction through practicing these basic qualities Sun Tzu describes.
-
-
Cyber Security Awareness Month is a waste of time, energy, and tax payer money. All of which could be spent on improving security within the Federal government. They are the ones who are getting infected by malware spread by USB devices, or having their email read or their fighter jet designs stolen. They are the ones that cannot articulate a cyber defense strategy well enough to entice someone to take on the top job…
-