Data Breaches: A State’s Perspective

A Q&A with Barbara Anthony, Undersecretary of Massachusetts Office of Consumer Affairs and Business Regulation
Since 2009, Massachusetts has been releasing reports on the state’s data breaches. In 2013, the state received over 1,800 notifications for breach events that had the potential to impact over 1.2 million residents. I asked Barbara Anthony about the current state of affairs in Massachusetts and the data security threats she sees on the horizon.

The Weakest Link: Black Swan Attacks

A Q&A with Joseph Loomis of CyberSponse
An ongoing challenge for any organization trying to enforce cyber security is the constant stream of new exploits, all of which rely on a lack of awareness about particular vulnerabilities. In the face of the recent seemingly “black swan” attack on JP Morgan, I asked Joseph Loomis, founder and CEO of CyberSponse, about security blind spots and their consequences.

Backoff Malware: A POS Nightmare

A Q&A with Karl Sigler of Trustwave
The Secret Service estimates that there have been over 1,000 data breaches at point-of-sale (POS) systems via Backoff malware. I asked Karl Sigler, Threat Intelligence Manager of Trustwave and a member of the team that initially identified Backoff, to explain this insidious malware and why retailers should be concerned about it.

Sorting Out the Consequences of PCI Data Security Noncompliance

A Q&A with David Navetta of Information Law Group
The Payment Card Industry (PCI) Security Standards Council Data Security Standards (DSS) were established in 2006, but that’s only one piece of the payment card liability puzzle. Merchants are also held to card brand rules via their merchant and other contractual arrangements with merchant banks or the card brands. I spoke with Dave Navetta, a founding partner of InfoLawGroup LLP, about the types of consequences retailers can face during a data breach.

The Truth in the Numbers: Data Breach Analysis

A Q&A with Patrick Florer of Risk Centric Security
While it’s easy to get caught up in the splashiest current news story about a particular breach, analyzing a broader swath of cyber security data can give us a more vivid and sometimes more precise picture of the real risks facing organizations today. I spoke with Patrick Florer of Risk Centric Security about what precisely constitutes a data breach and what the statistics show us.

Man in the Middle Attacks: A New Line of Defense

A Q&A with Norm Brogdon of Data Stream Protector
Much like eavesdropping, man in the middle (MITM) attacks allow a perpetrator to imperceptibly steal data—a malicious and insidious threat that has been underreported in the media. I spoke with Norm Brogdon of Data Stream Protector about the MITM exploit and how it can be stopped.

Ethical Innovation and Big Data Privacy

Guest Author: Jamie Sheller Esq. NetDiligence®

‘Big Data’ may be changing the world, but it is not changing Americans’ belief in the value of protecting privacy.

In one of the few areas of liberal and conservative consensus, Americans stand firmly behind the Fourth Amendment to the Constitution, which protects the “right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures.”
