Judy Selby and George Viegas write: Our traditional approach to cyber risk and security has been focused on privacy and financial data. The data breach or loss concerns that typically rank high on our risk ratings are private and confidential data like names and social security numbers with other identifying non-public information and financial data…
Category: Commentaries and Analyses
Japan Sees 25 billion Cyberattacks in 2014: Govt Agency
AFP reports: The National Institute of Information and Communications Technology (NICT), which has a network of a quarter of a million sensors, said there were 25.66 billion attempts to compromise systems, according to a report by Kyodo News. The figure includes attacks aimed at testing the vulnerability of software used in servers. The survey was…
Cybersecurity and Privacy: A Country of Mushrooms re: Recent Major Data Breaches
Shamoil T. Shipchandler of Bracewell & Giuliani LLP has a great commentary about how our country is doing on cybersecurity and privacy. It begins: When it comes right down to it, we are about as bad at cybersecurity as Twitter’s CFO is at Twitter or North Korea is at coming up with new political slogans to commemorate its 70th anniversary. As…
Resource: Introduction to Social Engineering (CERT-UK)
An introduction to social engineering was released by the UK Computer Emergency Response Team (CERT) on January 21, 2015: Social engineering is a prolific and effective means of gaining access to the secure systems and sensitive information of an organisation. Attacks vary from bulk phishing emails to highly targeted, multi-layered techniques. These attacks often prey on common aspects…
PCI Says “No Version Of SSL” Acceptable: What Does This Mean For You?
Jason Bouwmeester reports: The Payment Card Industry Security Standards Council has released a bulletin regarding the use of SSL for data protection on the Internet. In the bulletin, the Council states that SSL – a protocol for providing secure communications – is no longer acceptable for secure transactions. This has left many people wondering what…
The Target and Other Financial Data Breaches: Frequently Asked Questions
Sabrina I. Pacifici writes: The Target and Other Financial Data Breaches: Frequently Asked Questions “In November and December of 2013, cybercriminals breached the data security of Target, one of the largest U.S. retail chains, stealing the personal and financial information of millions of customers. On December 19, 2013, Target confirmed that some 40 million credit…