Kristin J. Mathews writes: In a draft research paper titled “Empirical Analysis of Data Breach Litigation”, three prominent scholars have collected and analyzed a sample of over 230 federal data breach lawsuits in order to deduce just what makes them tick. Romanosky, Hoffman and Acquisti examined, for example, what factual and legal characteristics made a company more likely to be…
Category: Commentaries and Analyses
Outsider Hacks Dominated 2011 Security Breaches
Kelly Jackson Higgins reports from RSA: More than 85% of the data breach incident response cases investigated by Verizon Business last year originated from a hack, and more than 90% of them came from the outside rather than via a malicious insider or business partner. Tuesday, Verizon published a snapshot of data from its upcoming…
Another week, another round of Congressional questions and posturing?
How many data breach investigations can one Congress initiate without actually doing anything? What is the point of asking Grindr questions about its security? Hasn’t Congress heard enough by now to know that most companies and apps do not implement adequate security despite what they say on their sites? What, if anything, does Congress intend…
‘Anatomy of an Anonymous Attack’ laid bare by Imperva
Sophie Curtis reports: Security firm Imperva has published a detailed analysis of an attack by Anonymous on one of its customers, providing new insight into how the hacktivist group operates, and highlighting the need for better application layer security. According to The New York Times, the target in question was the Vatican, although Imperva has declined…
Ie: DataSolutions survey reveals 14,000 firms had data compromised
David Richardson reports: A new survey published today by DataSolutions, Ireland’s leading value-add IT distributor, found that 14,000 Irish businesses have had their data compromised. Over 200 Irish IT executives were quizzed, and the survey examined their main security concerns. It was split into two parts, intrusion prevention from external threats and data loss caused…
Why Data Security Regulation is Bad
Danny Lieberman comments: The first government knee-jerk reaction in the face of a data breach is to create more government privacy compliance regulation. This is analogous to shooting yourself in the foot while you hold the loaded weapon in one hand and apply band-aids with the other. Democracies like Israel, the US and the UK…