Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Encryption Blog
Showing posts tagged with Key Management Server (Key Management)
Showing posts in English
Doug McLean | 09 Feb 2009 | 0 comments

Average Cost of Breach U.S.

Every year PGP Corporation sponsors a series of research projects to determine trends and costs of data breach. These projects are carried out by the Ponemon Institute. Currently, this research is carried out in the U.S., UK and Germany. This week's G-Blog illuminates the increasing cost of a data breach amongst U.S. participants in the 2008 study.  The full reports are available here.

Shilpi Dey | 03 Feb 2009 | 0 comments

Shilpi Dey - Product Marketing Manager

It arrived in a non-descript envelope, similar to the ones promising exciting credit card offers. I would have tossed it in the recycling bin without opening, except that it was from one of the banks (let’s call it bank “B”) where I had an account, and something made me pause and break open the seal. The letter inside explained that some CDs and tapes containing some of my personal information were lost while being transported to an off-site storage facility. The letter reassured me that security is Bank B’s top priority; however, their archive services vendor had notified them that they could not account for one of several boxes of tapes and CDs being transported to their off-site storage facility. The missing media contained some personal information such as name, address, Social Security number and/or shareowner account information. I was especially relieved that though Bank B had not yet...

Doug McLean | 02 Feb 2009 | 0 comments

A couple of days after I wrote last week that we will likely see an increase in the incidence of cybercrime as the world weathers the recession, the Wall Street Journal, in its role as an actual news gathering organization, documented what some analysts are seeing.

The bulk of the story appears based on an interview with Avivah Litan of the Gartner Group as many of the facts in the store come from presentations I've seen Ms. Litan do at various Gartner conferences. She is, incidently, one of the most articulate analysts covering the cybercrime space. If you ever have a chance to see her The story also contains some data from the FBIs Internet Crime Complaint Center, but as it dates from , it doesn't really shed much light on what's happening currently.

The most interesting part of the story for me is the...

Kevin Albright | 02 Feb 2009 | 0 comments

Kevin Albright - Product Marketing Manager

By now I’m sure you’ve heard about last week’s breach at Heartland Payment Systems. The number of total records compromised has not yet been released, but given California’s SB 1386 we should be hearing some sort of estimate soon. What is known is that Heartland has contacted 150,000 merchants that it processes payments for and it handles roughly 100 million credit card and debit card transactions per month. Given that this breach is suspected of starting in October 2008, the quick and dirty math should give you a rough estimate of how big this breach is…Huge! Already companies have been contacting customers, issuing new cards, and we are all put on alert to watch our credit card and debit card statements in the coming months.

The interesting thing about this breach is that Heartland was PCI compliant, and that the nature of this breach fell within the rules of the PCI-DSS v1.2...

Doug McLean | 26 Jan 2009 | 0 comments

ZDNet in the UK is reporting an interesting consequence of the spreading global recession. It seems that many British technology companies that have historically contributed to the Police Central E-crime Unit (PCeU) are instead offering staff in lieu of cash. For those of you that don't follow global economic trends closely, it would appear that the UK is in for an even worse time in this recession than the American (and most other) economies. While the credit crisis may have begun in the U.S., it's hitting the UK much harder due to the relatively higher levels of consumer debt that drove much of the economic growth in the last few years.

Consequently, many tech firms have decided they are better off loaning people to the PCeU rather than writing checks. Ironically, this is probably a better approach to fighting cybercrime than simply handing the authorities money. As both the Center...

Doug McLean | 16 Jan 2009 | 2 comments

Impressive piece by Kentucky Attorney General Jack Conway here.

Mr. Conway is clearly one of the more technically savvy law enforcement officers in the U.S.  He is obviously committed to ensuring that the Kentuck criminal code keeps pace with the new forms anti-social behavior that are enabled by the Internet.

Beyond that, however, Mr. Conway is also investing heavily in educational programs to ensure both parents and minors are aware of some of the risks posed by predators hiding behind the anonymity of the 'net.

Finally, his office maintains a very good web site on safe Internet usage that includes topics such as identity theft, cyberstalking, and even safest way to use the burgeoning social networking sites.

Jack Conway is to be commended for his forward thinking ideas on protecting the citizens of Kentucky....

Doug McLean | 13 Jan 2009 | 0 comments

Since last we looked in on the governments progress in prosecuting the miscreants that perpetrated the watershed TJX breach, there have been limited develoments. In early November authorities charged one Stephen Watt of New York with conspiracy for providing the wireless "sniffer" used to capture millions of credit card numbers as they traversed TJX's unsecured wireless network. If convicted, Watt could spend up to 5 years in prison and be required to pay up to $250,000 in penalties. My guess is he gets off with a much reduced sentence in exchange for providing further testimony against the ring leaders of the conspiracy.

More recently one of the perpetrators that prosecutors believe WAS one of the ring leaders was sentenced last week to 30 years in a Turkish prison on an unrelated cybercrime charge....

Doug McLean | 12 Jan 2009 | 0 comments
Doug McLean | 08 Dec 2008 | 0 comments

Interesting piece in today's Wall Street Journal about President-Elect Obama's decision to appoint a cabinet level cybersecurity chief. The role as described will be one of those cross agency coordination jobs that has almost no staff or resources but significant influence given where it lives in the government.

I'm generally pretty suspicious of plan to create a new little piece of the bureaucracy that's supposed to magically solve some massive problem...witness the issues that the Department of Homeland Security has had. In this case, however, a small coordinating body might make a material difference. For legitimate security reasons, we'll never know how much effort is being expended by the various military and civilian agencies to address cybercrime and cyberterrorism. But, I'd bet dinner that the bulk of the work is stove-piped inside each agency. This turns out...

Doug McLean | 01 Dec 2008 | 0 comments

I've believed this for some time, but the author of this post does an unusually good job of describing how cybercrime gangs are now organized. I also really like the parallel's Michael draws between cybercrime gangs and their Mafia counterparts.

Like he says, "Let's be careful out there."