Archive for September, 2011
10 Identity Management Metrics that matter
Posted by brianfpennington in brian pennington on 29/09/2011
Frank Villavicencio of Identropy is an expert in Identity and Access Management (IAM). In a recent article he produced a list of 10 Identity Management Metrics that will help focus the security aspirations of almost any organisation. The 10 pieces of advice are below: 1. Password reset volume per month. This one is a classic in identity management, and […]
Travel sector suffering more than most from credit card fraud
Posted by brianfpennington in brian pennington on 23/09/2011
Travel companies suffer a higher rate of card fraud than the average UK business as a result of the explosion in card-not-present transactions. An industry conference in London yesterday was told that overall card fraud is falling, but card-not-present transactions have ballooned and retailers invariably bear the cost of […]
The majority of adults are worried about possible exposure of their personal information
Posted by brianfpennington in brian pennington on 20/09/2011
According to SailPoint’s Market Pulse Survey, the majority of adults in the United States, Great Britain and Australia are worried about possible exposure of their personal information, and a large percentage of adults have lost confidence in how companies protect their personal information. As an example, 80% of Americans, 81% of Britons and 83% of Australians who have […]
PCI SSC publishes its first set of PCI Point-to-Point Encryption Solution requirements
Posted by brianfpennington in PCI DSS Compliance on 19/09/2011
New requirements focus on hardware-based solutions and support optional scope reduction efforts in a secure, PCI DSS compliant environment. The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security […]
Six Years of Data Breaches including the TOP 10 largest Breaches
Posted by brianfpennington in brian pennington on 19/09/2011
The Leaking Vault 2011 report from the Digital Forensics Association has gathered data from studying 3,765 publicly disclosed data breach incidents, and is the largest study of its kind to date. Information was gleaned from the organizations that track these events, as well as government sources. Data breaches from 33 countries were […]
CIOs Optimistic About Information Security
Posted by brianfpennington in brian pennington on 19/09/2011
PwC have released their 2012 Global State of Information Security Survey. The survey is a worldwide security survey by PwC, CIO Magazine and CSO Magazine. It was conducted online between February 10 and April 18, 2011. Survey respondents were from around the globe and were invited via email to take the survey. The results discussed in this report are […]
Test your IT Security and ID Theft Knowledge
Posted by brianfpennington in brian pennington on 18/09/2011
Preparation is often the best way of ensuring you have the right protection. The Consumer Federation of America have worked to put together some excellent quizzes that will help you understand the potential impact of an Identity Theft and several IT Security threats and risks. Test your Identity Theft knowledge by participating in any […]
ICO takes action against the Child Exploitation and Online Protection Centre and the Serious Organised Crime Agency
Posted by brianfpennington in brian pennington on 16/09/2011
The Information Commissioner’s Office (ICO) has taken action against The Child Exploitation and Online Protection Centre (CEOP) and the Serious Organised Crime Agency (SOCA) – its parent organisation – after the discovery of a security flaw on CEOP’s website, the Information Commissioner’s Office (ICO) said today. On 6 April, the ICO received a complaint […]
Merchants are more concerned about their brand than PCI fines
Posted by brianfpennington in PCI DSS Compliance on 12/09/2011
A joint CyberSource and Trustwave survey has shown that nearly 70% of Merchants cited the need to “protect the brand” as the primary driver for tightening controls against hackers and other payment security risks. Only 26 percent said avoiding fines resulting from non-compliance with the Payment Card Industry Data Security Standard (PCI DSS) were the […]
Five Ways to Fall Victim to Credit Card Fraud
Posted by brianfpennington in Uncategorized on 11/09/2011
Originally published on September 09, 2011 by Fox News, this article by Lora Shinn is a simple but effective way of avoiding becoming another victim of credit card fraud. Review these mistakes to avoid becoming a victim of debit or credit card fraud. 1. Failing to Look for Skimmers: Thieves may attach skimming devices to the […]
FBI Releases Bank Crime Statistics for Second Quarter of 2011
Posted by brianfpennington in brian pennington on 10/09/2011
Whilst not strictly an IT Security or Compliance story, the statistics are very interesting, in particular the breakdown of who has done what and where, which is contained in the full report, which can be found here. During the second quarter of 2011, there were 1,023 reported violations of the Federal Bank Robbery […]
13% of Britons are “casual hackers” and 16% have been hacked…
Posted by brianfpennington in brian pennington on 09/09/2011
CPP Group Plc, a “life assistance company”, has published its research into people accessing other people’s data without their permission, also known as hacking. The results are alarming, with “13% admitting they have accessed someone else’s online account details without their permission”. CPP have coined the term “casual hacking” with Facebook and similar social sites being the […]
Who has the Information Commissioner caught in the last 3 months?
Posted by brianfpennington in brian pennington on 08/09/2011
On the 7th September, The Information Commissioner’s Office (ICO) announced the results of its investigation into The University Hospital of South Manchester NHS Foundation Trust, which breached the Data Protection Act after it lost the personal data of 87 patients. The information was lost after a medical student, who had been on a placement […]
9 steps to take if your credit card data is hacked
Posted by brianfpennington in brian pennington on 02/09/2011
Lisa Bertagnoli on Creditcards.com has produced a list of the 9 things you should do if your credit card is hacked/stolen/cloned or otherwise dealt with in a criminal fashion. As a checklist it contains some excellent advice, not just for credit card security but for all your data. 1. Make sure there’s really been a breach. […]
How advanced attacks succeed, despite $20B spend on enterprise IT security
Posted by brianfpennington in brian pennington on 01/09/2011
FireEye has recently released their research into why IT Security attacks continue to be successful despite an annual IT Security spend of $20 billion. A summary of the key findings of the FireEye research is below: 1) 99% of enterprises have a security gap, despite $20B spent annually on IT security. Within a […]
PCI DSS – updated guidelines for WiFi and new guidance on Bluetooth
Posted by brianfpennington in PCI DSS Compliance on 01/09/2011
The Wireless Special Interest Group (SIG) of the PCI Security Standards Council (PCI SSC) has released an Information Supplement for PCI DSS Wireless Guidelines. The update aligns the PCI DSS guidance to version 2 of the PCI Data Security Standard and incorporates guidance for Bluetooth. All Merchants and Credit Card processors should read the document […]