After Yahoo announced its mega breaches and its General Counsel was fired, this article is not much of a surprise. John Reed Stark, head of his own consulting firm but formerly Chief of the SEC’s Office of Internet Enforcement and a former law professor at Georgetown Law, and David Fontaine, CEO of the billion […]
According to a study by the mega-consulting firm Capgemini, only 21% of banking and insurance executives were highly confident in their ability to detect a breach, never mind defend against one. On the other hand, 83% of consumers trust their bank’s and insurance company’s ability to protect their data. So 4 out of 5 […]
For Financial Service firms, the message is clear. Both FINRA and the SEC are looking over your shoulder to make sure that you are taking cyber security seriously. And the fines are not small. From hundreds of thousands to millions of dollars, firms big and small are getting whacked with fines. In 2014, the SEC […]
I generally stay away from politics in this blog, but this item is an interesting intersection of security and politics. And, it is pretty unique. Most non-public sector businesses don’t have to worry about this. While they may or may not let employees use their business email for personal reasons, there are no laws or […]
Symantec, who is already on probation for issuing inappropriate SSL certificates, issued more than a hundred additional “illegit” certificates. SSL certificates – more technically TLS certificates – are the bits of technology required to make those “secure” web sites work. Certificates are issued by certificate authorities (CAs) – organizations who have supposedly set up processes […]
NIST Special Pub 800-171 sets the rules for protecting the information, called “Controlled Unclassified Information” or CUI, that defense contractors create and/or store. CUI includes the information that would be very enticing to foreign governments such as Russia, China and others. SP 800-171 was originally released last year and NIST publications usually have a 3 to […]