Ken Dilanian of AP reports: The State Department was among the worst agencies in the federal government at protecting its computer networks while Hillary Rodham Clinton was secretary from 2009 to 2013, a situation that continued to deteriorate as John Kerry took office and Russian hackers breached the department’s email system, according to independent audits…
Category: Commentaries and Analyses
Disclosing a breach? Coordinate it with release of good news – study
Christopher Escobedo Hart writes that a well-handled breach can actually improve a company’s bottom line. A recent study goes a step further, suggesting that if handled well a data breach can actually help the bottom line. This counter-intuitive conclusion, conducted by Sebastian Gay at the University of Chicago, is based on data from breaches occurring between 2005-2014. …
Threat of Data-Privacy Litigation Fuels District Insurance Purchases
Malia Herman reports: .. It’s unclear how many districts have purchased cyberpolicies. Laubmeier said Aon covers several districts but declined to say exactly how many. “We are seeing a very large uptick in the number of school districts that have inquired about the possibility of cyberinsurance,” he said. Mr. Gambale also declined to say how many…
Atlassian’s tips for effective breach disclosure
Andrew Sadauskas reports: In the immediate aftermath of a security breach, companies should ensure they don’t use weasel words and have in place strong internal communications and clearly-defined staff guidelines, according to Atlassian head of security intelligence Daniel Grzelak. Read more at ITNews. Why? Because I actually agree with pretty much everything he advises, and if…
Connected kettles boil over, spill Wi-Fi passwords over London
Darren Pauli reports: A security man has mapped and hacked insecure connected kettles across London, proving they can leak WiFi passwords. The iKettle is designed to save users precious seconds spent waiting for water to boil by allowing the kitchen staple to be turned on using a smartphone app. Pen Test Partners bod Ken Munro…
NHS Health Apps Library closing amid questions about app security & quality: what can we learn?
Satish Misra, M.D. writes: The United Kingdom’s National Health Service (NHS) launched the Health Apps Library as part of their NHS Choices program in 2013. It was pitched as a pilot program, one that would guide patients and clinicians to safe, effective health apps. And now after a troubled two years, the NHS Health Apps…