Jordan Robertson reports: Companies that use Amazon’s popular cloud computing service have accidentally disclosed confidential information including sales records and source code, highlighting the risks of moving sensitive data to the Web, according to new research. Rapid7, a Boston-based security firm, said in a report released today that it found more than 126 billion files…
Category: Commentaries and Analyses
Finland: Data Protection Ombudsman Critizices Compliance At Finnish Companies
Sakari Aalto discusses findings from a survey conducted by Finland’s Office of the Data Protection Ombudsman. The survey, carried out at the end of 2012, surveyed 74 companies and organizations that had experienced data security breaches during October – December 2011. Aalto writes, in part: In an alarmingly large proportion of companies (30%), the security…
Data breaches in higher education
TeamSHATTER reports on data breaches in the higher education vertical throughout the United States. The past year has seen a substantial uptick in the amount of total records breached. In 2012, there was a dramatic increase in the total number of reported records affected (1,977,412), but a relatively low amount of institutions (51) that reported…
Article: How Bad is it? – A Branching Activity Model to Estimate the Impact of Information Security Breaches
Russell Cameron Thomas George Mason University – Department of Computational Social Science Marcin Antkiewicz Qualys, Inc. Patrick Florer Risk Centric Security, Inc. Suzanne Widup Verizon Communications Inc., Verizon RISK Team Matthew Woodyard Zions Bancorporation March 11, 2013 Abstract: This paper proposes an analysis framework and model for estimating the impact of information security breach episodes….
Attacks ‘highlight need for data breach notification law’
Paul Smith reports: The Australian Bankers Association has defended the strength of IT security processes in place across Australia’s banking system following the revelation that Reserve Bank of Australia systems had been compromised by China-based hackers. However, security experts said the incident highlighted the need for Australian data breach notification laws to be tightened to force…
After a Data Breach, Do You Need an Investigator or a Lawyer?
Catherine Dunn writes: Before becoming a computer forensics investigator who specializes in data breach response, Jason Straight was a practicing attorney. And even though he’s been in the investigative business for longer than he was a lawyer, he has to pause every once in a while when a client asks him a question in the…