Cyber Security Institute

Thursday, May 07, 2009

Heartland breach cost $12.6 million, CEO says

Heartland Payment Systems Inc. said it was experiencing losses this quarter as a direct result of a massive data breach it disclosed in January when investigators discovered a malicious program sniffing credit card data passing through its systems.  The company said it took a $2.5 million loss for the quarter as a result of spending more than $12.6 million in legal bills, fines from MasterCard and Visa and administrative costs.


Startup Takes New Spin On Online Fraud Detection

A security startup is preparing to emerge from stealth mode with a new technology that detects in real-time whether an online user or member of a social network is legitimate—and not a bot, automated tool, or criminal performing financial or other online fraud.  Pramana, which will officially launch in July, has developed what it calls HumanPresent, a technology spun off from research at Georgia Tech that catches online fraud in action, real-time, using a dynamic method of identifying human behavior anomalies while at the same time preventing the fraudsters from detecting that they’re being watched.


Expert Names Top 10 Audit Issues of 2009

As IT environments become more complex, enterprises rely on them more than ever before, said Michael Juergens, principle at Deliotte & Touche, speaking at the ISACA CACS audit and compliance conference.  Top challenges include cloud computing, virtualization, and a company’s own employees. There may be a greater or lesser risk depending on your industry, technology, business processes, and other factors,” he added.  He said that auditors should make a careful risk assessment at any enterprise that uses external cloud computing solutions.  Juergens added that virtualization, often a key component of private clouds, carries the same risks as public clouds.


Wednesday, May 06, 2009

The New Face of Cybercrime Revealed

If one thing is clear from Verizon’s recently published 2009 Data Breach Investigations Report it is that cyber crime has taken on a frightening level of maturity.  This is the second year that Verizon has published data from the breach investigation work they perform for their clients. While these [other[ reports do drive home the expense, loss of reputation, and compliance requirements associated with good data protection they do not shed the same light on methodologies that Verizon does.


Friday, May 01, 2009

Experts Chart Spike in Cyber Sieges

Cyber attacks with enough firepower to knock entire countries off the Internet have spiked in recent months, raising fresh concerns within the security community about weaknesses in the Internet infrastructure that help create such weapons of mass disruption.  These “distributed denial of service” or DDoS attacks use robot networks or “botnets”—many hundreds or thousands of compromised PCs—to flood targets with so much junk traffic that they can no longer accommodate legitimate visitors.  While DDoS attacks have been a common threat since the dawn of the commercial Internet, DDoS watchers, such as Arbor Networks, have tracked a recent spike in the number, sophistication and size of attacks against major Internet providers.  Attackers also appear to be picking bigger targets.