PCI Compliance is not just a ‘one off’ quick fix

The landscape of the retail industry is changing. Until recently, distribution was the sector's principal focus. Today, however, following a series of major breaches of personal data, securing business information has also become a key issue, particularly in the context of corporate reputation and operational excellence. Dr. Anton Chuvakin, Chief Logging Evangelist at LogLogic, explained more to us…

PCI DSS (Payment Card Industry Data Security Standard) compliance, which addresses the protection of cardholder data, is a recent phenomenon: the PCI standard was launched in 2004.

Prior to this, individual card brands managed their own security standards governing the processing and handling of cardholder data. The most widely known was Visa's Cardholder Information Security Programme (CISP), which originally targeted its top …




10 Golden Rules of Data Loss Prevention

Frank Schlottke at Applied Security kindly provides us with his top ten tips to avoid embarrassing and potentially damaging data loss.

With so many highly publicised data losses in the last few months, the safety of stored information is now even higher on the corporate agenda; no one wants to suffer the same humiliation as HMRC, DVA or Marks and Spencer. Losing a large amount of company data, whether at the hands of a hacker or because someone lost it accidentally, is highly embarrassing. Worse than that, if the data contains sensitive information such as personal details of customers, legal action and mass media coverage can lead to financial loss and potentially irreversible damage to reputation.

There are just three types of data loss to protect against. The first is externally …


Top 10 phishing scams and viruses for Feb 2008

We have just received the latest list of the phishing scams and viruses causing the most problems as we progress through 2008. You have most likely seen some of these yourself over recent weeks. Below is the top 10 for February:

1. Tax Notification
2. Notification from Billing Department
3. NatWest Bank: please confirm your data
4. please confirm your data
5. NatWest Bank customer service: online form released
6. HSBC Bank: please confirm your data!
7. HSBC Bank: official information
8. HSBC Bank customer service: please confirm your data!
9. please confirm your data.
10. please confirm your data!

TOP BRANDS TARGETED BY PHISHING SCAMS
HSBC - 40%
CitiBank - 38%
Natwest - 16%
Bank of America - 6%

MOST …


The war on data theft

For many UK businesses, physically securing computers is preferable to encryption or password protection. This is borne out by the DTI Information Security Breaches Survey 2006, managed by PricewaterhouseCoopers, which reports that "while 24% of large UK businesses encrypt or password protect their computers' hard discs, 28% of them actually physically secure their desktop PCs and laptops". It also reports that "the bigger the organisation, the more likely it is to have computer equipment stolen".

However, although 82% of very large businesses reported theft of equipment by outsiders, the survey also states that a third of all equipment thefts in large businesses are carried out by their own staff. Therefore, locking down …


The dangers of FTP… exposed

FTP is one of the main data transfer systems we use on a daily basis, yet precisely because it is so familiar and so frequently used, it suffers from a number of issues. We contacted Craig Whitney from Tumbleweed to get his views on the dangers of the File Transfer Protocol.


Several classified military and government documents were recently found to be accessible to anyone with an Internet connection, in this case by a journalist with a major news organisation. What happened? They had been carelessly posted to outdated FTP servers used by government agencies …