October 23, 2014

FTC Allowed to Proceed with Lawsuit against Hotel Group after Information Security Breaches

data breach pic 1

This website and its readers are well aware of the risk management challenges and opportunities for companies to make decisions over the growing number of information security breaches related activities. Unfortunately, many of these concerns can easily be lost over these risk mitigation topics for small business firms. Nonetheless, supply chain management dynamics can often force even small business firms to have to pay attention to recent developments in this area of information security enforcement--- and --- it is with this point in mind that our staff focused its attention on the … [Read more...]

2014 US State of Cybercrime Survey Report Now Available

cyberville

Recently, a report entitled the “2014 US State of Cybercrime Survey” was released and made available to the public.  This survey was co-sponsored by PwC, CSO magazine, The CERT® Division of the Software Engineering Institute at Carnegie Mellon University, and the United States Secret Service.  Cybersecurity leaders from these organizations worked together to evaluate survey responses from more than 500 executives of US businesses, law enforcement services, and government agencies where they identified requirements for effective cyber security processes and procedures and evaluated these … [Read more...]

Cyber Intelligence Sharing Website Newly Launched

Our staff would like to bring your attention to the fact that U.S. retailers have recently joined forces and have launched a website called “Retail Cyber Intelligence Sharing Center”. In order to create a structure for this website and to better address the needs of the retail industry, the R-CISC was developed with input from more than 50 of America’s largest retailers, and in consultation with key stakeholders including federal law enforcement, government agencies and subject matter experts. For the record, the R-CISC is an independent organization, the focus of which is a Retail … [Read more...]

Disaster Preparedness Teams Can Benefit from a Recent World Economic Forum 2014 Risks Report

Photo courtesy of World Economic Forum

In an earlier posting on this website, our staff published a story reviewing the consensus for listing the threats of 2013 which impacted many organizations.  In this posting, the point addressed is that very often risks of threats or incidents can impact an organization because of the occurrence of some global size event that would appear to be beyond the scope of an organization’s disaster preparedness planning. With that thought in mind, our staff would like you to be aware of a recently released World Economic Forum report which attempts to size up the impact of some all-too-real … [Read more...]

Information Security Scams This Christmas

Photo courtesy of adsadvance.co.uk

With the holiday season upon us once again, our staff would like to focus some of your attention on some information security concerns regarding the likely use of digital devices as each of us try to make our Christmas buying lists and plans for upcoming holiday festivities.  Our point is that for every Santa there is a Grinch, and a cybercriminal is most likely waiting in the wings to turn all that holiday cheer into fast cash as he spreads his scams and malware. To help you stay protected as you search high and low both on and offline for the perfect presents for your loved ones, McAfee … [Read more...]

ASIS International — Invitation to Attend World’s Most Influential Security Events

ASIS logo Official

ASIS International has led the security industry by providing up-to-the-minute education and strategic solutions to professionals around the world.  Both physical and information security professionals have benefited from these offerings for nearly sixty (60) years. Our staff supports ASIS International and encourages our readers to be aware of the following schedule of upcoming seminars and exhibits: ASIS-PAC in Macau, China – December 3-5, 2013 ASIS MIDDLE EAST in Dubai, UAE – February 16-18, 2014 ASIS EUROPE in The Hague, Netherlands – April 1-3, 2014 ASIS NYC in New York, … [Read more...]

Context Aware Security: Is It Time for Your Organization to Implement this Approach in Protecting Its Assets?

Photo Courtesy of ComputerWeekly.com

Has your organization adopted a “context aware” IT security model?  Perhaps, it has adopted a single password model of IT security approach ---and, if it has done so, then as members of your organization’s information and network security team, it is your responsibility to at least consider the benefits of moving beyond an IT security equivalent of “putting all your eggs in one basket” to an IT security model smart enough to add context to a security event. As Leon Ward states in a recently posted article, “…..context aware security is the use of situational information (such as identity, … [Read more...]

Red Teaming Course Now Offered by Watermark Institute

Photo courtesy ooda.com

Amy E. Hutchens, CCEP, General Counsel, Vice President Compliance & Ethics Services at Watermark Risk Management International, LLC – and a contributing writer to this website -- has brought our staff’s attention to a valuable disaster preparedness resource stemming from the recent launching of “Red Teaming” courses now offered by the Watermark Institute led by its director, Dr. Mark Mateski. Red Teaming According to the “Red Team Journal” publication, red teaming is the practice of viewing a problem from an adversarial, competitive, or contrarian point of view. Red teams seek to … [Read more...]

Mobile Device Threats in Corporate Environments are Real and Costly

Photo courtesy of desirulez.net

While few risk management teams would fail to recognize the growing potential for information security threats involved in mobile devices, the fact remains that a lack of integrated mobile security is continuing to cost companies in terms of everything from lost productivity to lost data. Cyber criminals also continue to target mobile workers as easy potential access portals to a company’s backend IT infrastructure. As a result, many organizational security risk management teams can argue that their company might need to supplement its integrated mobile defense program with a coherent … [Read more...]

Security Industry — New ASIS Report Assesses the State of the U.S. Security Industry

Photo courtesy of computerweekly.com

By: Ben J. Carnevale, Managing Editor An increasingly challenging security (physical and IT) related threat environment for U.S. businesses remains a major topic for all security management team in companies throughout the country. And, without a successful ability to align senior management strategic thinking with those threats still too often leaves those team under-funded and without the critical support needed for achieving their objectives. To shed some light on this critical issue and perhaps give some needed information to help in security management team presentations to upper … [Read more...]