As you would expect at this time of the year, many 2009 events are being chronicled and organized into some kind of list for publication. One such list that our staff found interesting and appropriate for our business continuity and information security community was recently posted on the Computerworld website.
The name of the list cited, in an article written by Jaikumar Vijayan, is “The 2009 Data Breach Hall of Shame”.
The reason our staff decided to bring this list to your attention, was to offer your information security managers and risk assessment team members a resource reference that – while it may seem at first to be more of an example of what not to do – actually points out potential case studies for your network security and information systems security teams to read, evaluate in terms of applications and decisions that might work well in your organization, and finally, select those practices of companies on that list that your organization should benchmark and consider introducing into your organization as a 2010 continual improvement project activity for your company.
You might be surprised to read that many of the data breaches on this list stemmed from familiar and rather mundane security failures – not just those “sneaky new attach techniques or devastating new hacker tools”.
To read this article and view the entire list of companies “that made headlines for all of the wrong reasons” ….. CLICK HERE