According to a study by the mega-consulting firm Capgemini, only 21% of banking and insurance executives were highly confident in their ability to detect a breach, never mind defend against one. On the other hand, 83% of consumers trust their bank’s and insurance company’s ability to protect their data. So 4 out of 5 […]
Continue reading → [DISPLAY_ACURAX_ICONS]For Financial Service firms, the message is clear. Both FINRA and the SEC are looking over your shoulder to make sure that you are taking cyber security seriously. And the fines are not small. From hundreds of thousands to millions of dollars, firms big and small are getting whacked with fines. In 2014, the SEC […]
Continue reading → [DISPLAY_ACURAX_ICONS]I generally stay away from politics in this blog, but this item is an interesting intersection of security and politics. And, it is pretty unique. Most non-public sector businesses don’t have to worry about this. While they may or may not let employees use their business email for personal reasons, there are no laws or […]
Continue reading → [DISPLAY_ACURAX_ICONS]Symantec, who is already on probation for issuing inappropriate SSL certificates, issued more than a hundred additional “illegit” certificates. SSL certificates – more technically TLS certificates – are the bits of technology required to make those “secure” web sites work. Certificates are issued by certificate authorities (CAs) – organizations who have supposedly set up processes […]
Continue reading → [DISPLAY_ACURAX_ICONS]NIST Special Pub 800-171 sets the rules for protecting information that defense contractors create and/or store called “Controlled Unclassified Information” or CUI. CUI includes the information that would be very enticing to foreign governments such as Russia, China and others. SP 800-171 was originally released last year and NIST publications usually have a 3 to […]
Continue reading → [DISPLAY_ACURAX_ICONS]You might think this is obvious, but just in case it is not, California wants to make this clear. It used to be, in California, that if you had sensitive data encrypted and that data was stolen, you didn’t have to tell people because, after all, it was encrypted. But there is a rub with […]
Continue reading → [DISPLAY_ACURAX_ICONS]