Forget Information Security, someone work on airport delays My posts are all usually information security related. Some interesting things on web security, vulnerability assessment, risk assessment, all that good stuff. Well today I cannot blog about that. As much as I love it, get a probably un-natural excitement about it, I can’t do it. I [...]
Archive for July, 2009
Forget Information Security, someone work on airport delays
Posted: 30th July 2009 by admin in Compliance, Corporate Stupidity, Government Security, TravelTags: airport delay, bwi
0
Data Loss, this time with Network Solutions
Posted: 27th July 2009 by admin in Hacking News, malware, PCI, Security Assesment, Web SecurityTags: data loss, network solutions, stolen data
Data Loss, this time with Network Solution Network Solutions, one of the largest domain registrars recently announced a data breach. Malicious code was found on its e-commerce server which may have captured transactions from thousands of websites and capturing half a million or more credit cards. The company said they found the code during a [...]
Web Security Testing has come of age
Posted: 20th July 2009 by admin in Compliance, Corporate StupidityTags: breach data, hacking, hipaa security, web security, Website security
Website security is the one of the most dangerous places for a company. If you look at a layered security approach, we start out with the internal network. There we have host security, patch management, host IDS and other server based technologies. Next we have the network security layers, network intrusion detection, network monitoring and [...]
Data Breaches are still misunderstood
Posted: 19th July 2009 by admin in antivirus, Compliance, Corporate Stupidity, Security AssesmentTags: breach data, data loss, security metrics
The Ponemon Institute and Ounce Labs (www.ouncelabs.com) released a study on the view CEOs have regarding data protection in their environment. In the study of 213 CEOs and other senior executives, CEOs did not share the same view on how secure their organization is with their executives. 92 percent of respondents said they were attacks. [...]
HIPAA Assessments are the next wave
Posted: 12th July 2009 by admin in Compliance, Government Security, HIPAA, Security AssesmentTags: data theft, hipaa security, Managed Vulnerability Scanning, Website security
In February, CVS was ordered to pay a fine of 2.5million dollars by the FTC. This fine was because their employees threw out personal information about patients. Who knew poor recycling programs could cost so much? HIPAA has been around for a number of years but not until recently did we see that it has [...]