Blogs

Showing Blog Posts: 1–10 of 88 tagged Data Breach

  • Windows XP: The COBOL of the 21st Century

    by Joshua Marpet on April 21, 2014

    What happened when Windows XP went into end of life (EOL)? That fateful day happened on April 8, 2014. It doesn't mean that WinXP computers will suddenly stop working. It doesn't mean that the world of WinXP computing will end. To be honest, it probably doesn't even mean that WinXP-based programming will end. So what does it actually mean? New drivers won't be developed. It will get increasingly…

  • Privacy in the Age of Ubiquitous Computer Vision

    by Joshua Marpet on April 17, 2014

    With Google Glass, cell phone cameras, hidden cameras, and ever cheaper surveillance cameras, can there truly be user privacy? With Google Glass and facial recognition apps, tagging people can happen at full walking speed, without a pause or possibility of the action being recognized. Is there any parallel in other realms? At one point, a car with an expired registration would only get exposed…

  • Protect Against Internal Data Security Threats: Specific Strategies and Techniques

    by Robert Moskowitz on March 18, 2014

    Everyone's worried about anonymous hackers, but the smartest IT Security teams also keep a sharp eye out for internal data security threats such as leaks from disgruntled employees, paid spies, or even trusted workers who are susceptible to human error. While you cannot guarantee total information security, at any price, there are some cost-effective strategies and techniques to cut down on the…

  • Another (Almost) Target Lesson: Securing Control System Networks to Protect the Enterprise Side Works Too

    by Gib Sorebo on February 10, 2014

    In this column and elsewhere, we’ve seen plenty of exhortations to make sure that control system networks are sufficiently isolated from corporate networks so as to prevent infiltrations from finding their way to the more sensitive and “more important” parts of the organization. For those delivering electricity, pumping oil, or whipping up batches of hazardous chemicals, it is critical that…

  • Information Sharing Post-Snowden, What Changes?

    by Kathleen Moriarty on February 5, 2014

    For this second piece in the series, I’d like to highlight the use of threat modeling to determine the best options to exchange intelligence on the wire. There is no single answer as to how we address the challenges we now face as security professionals with the stream of revelations post-Snowden. We need to determine what is the balance for protecting a nation versus the need for tighter…

  • What the Target Breach Teaches Us About Standards, Regulations, and Critical Infrastructure

    by Gib Sorebo on January 30, 2014

    The recently disclosed security breach of Target’s® point of sale terminals and related infrastructure is likely a lesson on the limitations of standards and regulations to adequately protect sensitive information and critical systems despite the political piling on that traditionally visits a high-profile data breach. However, absent some newly discovered evidence of incompetence, the Target…

  • Data Leakage: The Human End-Around to DLP

    by Christopher Burgess on January 28, 2014

    The old adages "still water finds its own level" and "moving water finds a path of least resistance" both have applicability when we think of data leakage and employees' engagement with data loss prevention (DLP) processes, policies, procedures, and software. With still water, data is at rest; with moving water, your data in transit. There are also two types of employees: Those who are trying to…

  • 5 Tips for Handling Compromised Customer Data

    by Christopher Burgess on January 21, 2014

    Rarely does a week go by when you don't hear or read of a data breach and the accompanying loss of customer data or client personal identifying information (PII). Having a data breach plan in place that provides an honest, direct, and customer-centric solution will go a long way toward retaining the customers or clients affected. Though no one ever wants these things to happen, data breaches do…

  • Event Denial: If I Don't Report It, Did It Really Happen?

    by Christopher Burgess on January 7, 2014

    "If a tree falls in the forest and no one is there to hear it, does it make a sound?" The technological equivalent of this query within cyber security exists, unfortunately: "If a compromise occurs and no one reports it, did it really happen?" The answer in both instances is, "of course." Yet the recent survey of 200 security professionals by Opinion Matters for Threat Track reveals that two-th…

  • New Target Data Breach Lawsuits

    by Stephen Wu on December 31, 2013

    The recent massive data breach into Target’s payment systems compromising millions of payment card numbers is now on the list of the most infamous breaches. In addition, stories are now appearing in news media about lawsuits being filed in the wake of the data breach by victims whose payment card information was believed stolen. I am writing this post to explain what a typical data breach lawsuit…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 24 Apr 2014 11:19:21 -0400.
© 2014 EMC Corporation. All rights reserved.