Insider Theft Leads to the Data Breach of 1.5 Million Bank Clients

Atlanta bank SunTrust recently announced that 1.5 million users have potentially been exposed to a criminal third party. Unlike most data exposures we’ve been hearing about, the source of SunTrust’s breach was not caused by cybercriminals, but rather a theft by an employee who gained access to sensitive client information without security clearance. Sources say […]

Securing Health Care Records

Insider negligence is no longer the number one cause of data breaches in the healthcare industry—cybertheft and physical theft have now claimed the dubious honor. The Ponemon Institute’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data shows that healthcare information has become a prime target for malicious hackers, with lone cybercriminals and […]

Data Security Lessons To Learn Right Now

Data Security Lessons To Learn Right Now Much has been said about the recent Ashley Madison (AM) hack attack, and even more was said about the subsequent data dump of highly sensitive customer information. Are there lessons to be learned from AM? To some extent—the consequences would have been worse had card data not been […]

Malware Risk Management

Prevent, detect, and contain: that’s the National Security Agency (NSA) advice for mitigating the damage of malware attacks. The NSA’s new report, “Defensive Best Practices Against Destructive Malware,” provides a good proactive baseline for warding off attacks, along with advice on how to keep attackers from running amuck after they have gained some access to […]

Securing Government Systems

A new report released today from the software security firm Veracode contained alarming news about the data security practices of many federal agencies. Veracode’s business is auditing the source code of applications for security vulnerabilities. The report documents 208,670 application scans conducted over 18 months for the company’s private and government customers. An analysis of […]

Healthcare Records Theft On The RIse

Insider negligence is no longer the number one cause of data breaches in the healthcare industry – cybertheft and physical theft have now claimed the dubious honor. The Ponemon Institute’s new Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data, shows that healthcare information has become a prime target for malicious hackers, with […]

Insights From Verizon’s Data Breach Investigations Report

In early spring, while many people are anticipating the return of warm weather and blue skies, the information security industry is looking forward to the release of Verizon’s annual Data Breach Investigations Report (DBIR). Published since 2008, DBIR is a data security reference guide, playbook and bible. Global in scope, the report analyzes thousands of […]

Key Takeaways from Interop

Security was on everyone’s mind at this year’s Interop Las Vegas conference, with workshops ranging from insider threats to social engineering, supply chains and managing targeted attacks. One key point that emerged from all of the discussion was that businesses and governments need to understand the motivations of cyber attackers. Dmitri Alperovitch led the INTEROP […]

Retail PoS Systems, Ancient Passwords – What You Need To Know Now

You’ve probably seen coverage of the big RSA reveal regarding the fact that point of sale devices from a specific vendor have used the same pre-set administrator password for the last quarter of a century. Security researchers Charles Henderson and David Byrne, at their RSA presentation, were the ones who shared this discovery. More troubling, […]

Retail Digital Security Best Practices

The National Retail Federation recently presented Congress with a set of solutions aimed at better protecting consumers and helping businesses prevent data breaches. “We should not be satisfied with simply determining what to do after a data breach occurs,” NRF senior vice president for Government Relations David French said in a statement. “Instead, it is […]