ISR News: Bad Economy Spurs Cyber-Scams
Excerpts From Gannett’s Byron Acohido and Jon Swartz
The boom in cyberthreats that occurred during the last three months of 2008 could accelerate, especially if the economy continues to falter, security specialists say. Organized cybercrime groups have become increasingly efficient at assembling massive networks of infected computers, called botnets, and deploying them to amass large caches of stolen data, according to several surveys and dozens of interviews with security and privacy analysts. Meanwhile, scammers have honed the trickery used to turn stolen data into cash.
Facing the Information Security Hole in 2009
By Laura Wilson
Don’t have an unhappy worker with a flash drive; don’t have a contractor or subcontractor who wants to use this data for harmful purposes; don’t have your data being accessed by anyone that you don’t know; don’t have anyone working in your data centers or accessing them remotely unless you know about and monitor it; don’t have any gaps in any of the products or services anywhere in your data chain. Don’t make any mistakes in what you say to consumers, customers, regulators, investors, or companies with whom you do business. If you’re still sure you have it covered - Don’t Have A Breach.
Another Hit to Shareholder Value
Feature By Laura Wilson, JD, CISA Candidate, ♦ ISR Corporate Liability Editor
“…systemic weakness affects anyone whose personal information is collected by a financial company, and any shareholder in a company that can have a security breach. It should be of concern to management facing the threat of lawsuits or regulatory actions. This weakened system should alarm anyone concerned about national security and countering terrorism.”
Losing Money? Watch Your Data Too…
Feature Article By Anthony M. Freed, ♦ ISR Financial Editor
“What of the dozens of boxes of personal financial information, credit reports, social security numbers and other sensitive information that was found in a dumpster behind an apartment complex in Georgia? It had been in the custody of Ameriquest… And do you remember when WaMu, the troubled national lender, was discovered to have shipped sensitive loan documents to Mexico in semi trucks with some 10,000 records lost in transit? Don’t underestimate the threat that shrinking budgets and layoffs pose to your data security. In these heady and uncertain economic times, don’t we want to know where our data is day and night?”
The Financial Industry Takes Too Much
Feature Article By Anthony M. Freed, ♦ ISR Financial Editor
“The financial sector itself has been building for many decades into the largest single element of the American economy. We have moved to a world where far too many of us seemingly no longer make anything; we’re merely trading pieces of paper, swapping stocks and bonds back and forth with one another, and paying our financial croupiers a veritable fortune.
In the process, we have inevitably added even more costs by creating ever more complex financial derivatives, in which huge and unfathomable risks have been built into the financial system.” - John Bogle, Vanguard Founder
Don’t Neglect Information Security
Feature By Kevin M Nixon, MSA, CISSP, CISM, ♦ ISR Master Security Editor
and Laura Wilson, JD, CISA candidate, ♦ ISR Corporate Liability Editor
“Most business teams don’t want to do the wrong thing, but many have not been given the information or tools to adequately understand the situation and make supportable decisions. Most contract and deal teams don’t want to do the wrong thing, but the old job functions have not been given the gravitas, training, or compensation structure to push back on proposals that carry unacceptable risk. It’s hard enough to protect this stuff during good times. With layoffs, cost-cutting, companies folding, projects changing hands, and unhappy workers bearing flash drives, keeping track of these information assets and who touches them is a huge challenge.”
Un-Common Knowledge
Feature By Kevin M Nixon, MSA, CISSP, CISM, ♦ ISR Master Security Editor
“Think about that. If 2 million records are stolen and sold for $2 per record, the “ID Thief” has made a cool $4 million off of what took you years of honest hard work to create. The same technology used to steal your information is often used to sell your information. Your data is often sold through large instant-message groups or via online auctions, both of which may only exist for a few hours or days to avoid detection by authorities.”
Reality to Palin: Anybody In There?
Feature By Kevin M Nixon, MSA, CISSP, CISM, ♦ ISR Master Security Editor
“Now, think about the current state of the global economy. If publicly-traded Corporations use these services and do not disclose the risk in their Sarbanes-Oxley (SOX) disclosures to the Securities and Exchange Commission (SEC) they are committing a Crime and deserve the fines and deserve to serve the time in prison as stipulated by law. We hear calls for stiffer regulations, oversight and transparency, but; do we really know how much of our private information is “out walkin’ around” already?”
Wait - The Palin Story Gets Worse…
Feature By Kevin M Nixon, MSA, CISSP, CISM, ♦ ISR Master Security Editor
“Once the Governor began transmitting information in an unprotected manner via her personal web-based email account, which was outside the State of Alaska’s highly secure and well protected network, there was no way to guarantee the safety and integrity of those date floating in cyber-space. In other words, there was no way for the Governor or other state employees to know if the information which was being transmitted was being intercepted and read by someone who was not authorized under the State’s Data Security Policies and Procedures or the Federal Data Privacy Laws.”
