One good way to tell if a topic has become mainstream is to monitor USA Today. So I wasn't terribly surprised when I found the lead in the paper's Money section on New Years Day to be focused on the latest trend in cybercrime. It seems that many cybercriminals, frustrated with the countermeasures put in place by larger banks and enterprises are now targeting smaller businesses that have adopted online banking as a way to save both money and and time.

As we all know cybercrooks like to target the weakest link in any system that might yield cash or cash equivalents. In this case, the miscreants have determined that the some of the systems banks use to support smaller businesses have material weaknesses that can be exploited. Specifically, the Automated Clearing House (ACH) systems and wire transfer systems have not kept pace with...

Albert Gonzalez, the mastermind behind the TJX, Heartland and Hannaford Bros. breaches, recently admitted that he was also the perpetrator behind the 2007 breach of Target Stores. While it was a small breach in comparison to his other accomplishments, prosecutors deemed it worthy of adding another two years to the minimum sentence they are requesting.

The Reuters report on the case indicates Gonzalez will now serve 17 to 25 years for his crimes. What I found more interesting than the developments in Gonzalez' case was the mention that one of his co-conspirators, Steven Watt, who was convicted of developing the software Gonzalez used, has been sentenced to two years in prison for his contributions to Gonzalez crime spree. He also gets to spend an extra three years having all of his computer and Internet activities "monitored."

The reason I think this is significant is that...

These days you don’t need to wait for holiday sales to buy the tiniest, highest capacity USB thumb drive you can find. A 2GB USB drive sells for under $10 in the US, and works great to put family pictures, your favorite music (yes, the 80s were a good era) and oh yeah, the customer files you need to share with Bob at the audit firm. There’s only one problem: these drives tend to get lost easily, or as what often happens with most people, you just can’t remember where you put it. If that happens, you have now put out confidential company data (and possibly personal data) free for all to see, out into the world. This can very quickly turn into an organizational nightmare when it turns out that the drive was indeed lost, and now your organization has to inform investors, its customers, and just about everybody else about this loss. A look at the...

Doug McLean - Blogmeister

So why does an information security company care whether you use Facebook or Outlook to communicate? The answer is that PGP Corporation is committed to protecting our customers’ data regardless of where it is and what device it is on. Giving up email or migrating to a hybrid email/social networking platform does not absolve individuals and enterprises from protecting the confidential information contained in their messages, status updates and tweets.

In fact, it complicates the situation in that there is clearly a class of information you will never want resident on any platform over which you don’t have complete control. This need for secure communications, particularly in the case of the social networking platforms (SNP), will lead to private Twitter groups (Flocks?), identity verified Facebook groups, and user encrypted message archives.  NOW this gets interesting.

There has been...