Cyber Security Institute
Thursday, May 07, 2009
Heartland breach cost $12.6 million, CEO says
Heartland Payment Systems Inc. said it was experiencing losses this quarter as a direct result of a massive data breach it disclosed in January when investigators discovered a malicious program sniffing credit card data passing through its systems. The company said it took a $2.5 million loss for the quarter as a result of spending more than $12.6 million in legal bills, fines from MasterCard and Visa and administrative costs.
Startup Takes New Spin On Online Fraud Detection
A security startup is preparing to emerge from stealth mode with a new technology that detects in real-time whether an online user or member of a social network is legitimate—and not a bot, automated tool, or criminal performing financial or other online fraud. Pramana, which will officially launch in July, has developed what it calls HumanPresent, a technology spun off from research at Georgia Tech that catches online fraud in action, real-time, using a dynamic method of identifying human behavior anomalies while at the same time preventing the fraudsters from detecting that they’re being watched.
Expert Names Top 10 Audit Issues of 2009
As IT environments become more complex, enterprises rely on them more than ever before, said Michael Juergens, principle at Deliotte & Touche, speaking at the ISACA CACS audit and compliance conference. Top challenges include cloud computing, virtualization, and a company’s own employees. There may be a greater or lesser risk depending on your industry, technology, business processes, and other factors,” he added. He said that auditors should make a careful risk assessment at any enterprise that uses external cloud computing solutions. Juergens added that virtualization, often a key component of private clouds, carries the same risks as public clouds.
Wednesday, May 06, 2009
The New Face of Cybercrime Revealed
If one thing is clear from Verizon’s recently published 2009 Data Breach Investigations Report it is that cyber crime has taken on a frightening level of maturity. This is the second year that Verizon has published data from the breach investigation work they perform for their clients. While these [other[ reports do drive home the expense, loss of reputation, and compliance requirements associated with good data protection they do not shed the same light on methodologies that Verizon does.
Friday, May 01, 2009
Experts Chart Spike in Cyber Sieges
Cyber attacks with enough firepower to knock entire countries off the Internet have spiked in recent months, raising fresh concerns within the security community about weaknesses in the Internet infrastructure that help create such weapons of mass disruption. These “distributed denial of service” or DDoS attacks use robot networks or “botnets”—many hundreds or thousands of compromised PCs—to flood targets with so much junk traffic that they can no longer accommodate legitimate visitors. While DDoS attacks have been a common threat since the dawn of the commercial Internet, DDoS watchers, such as Arbor Networks, have tracked a recent spike in the number, sophistication and size of attacks against major Internet providers. Attackers also appear to be picking bigger targets.