Study: Cost of Data Breaches Increasing

A study published by Ponemon Institute and sponsored by IBM reported that the average total cost of data breaches increased 15% in the last year to $3.5 million, or $145 per record containing protected information. The study included participants from 314 companies in at least 10 countries. It identifies a number of factors that reduce the cost of a breach, as well as factors that increase it. The study found that appointing a CISO, maintaining a business continuity management program, and developing an incident response program can reduce the cost per record of a [...]

Apple iOS and Email Attachment Encryption: A Question of Compliance

UPDATED: 7/1/2014 Apple has released iOS 7.1.2, which is supposed to resolve the issue where a user can access unencrypted mail attachments. We recommend updating all Apple mobile devices as soon as possible.

Andreas Kurtz reported a few days ago that, from iOS 7.0.4 up to and including the most recent Apple iOS 7.1.1, email attachments in the native mail client are not encrypted. He was able to access these files even though the device's disk is encrypted. What does this mean for compliance? How many users are emailing patient information (HIPAA), finance data or other protected data thinking that their devices [...]

The Switch to Chip and PIN. Will it change anything?

Chip & PIN, the future of credit cards

Late next year the U.S. will finally catch up to the rest of the world when it comes to credit card transactions. Customers will no longer be signing credit card receipts; instead they will enter a PIN, similar to making a debit transaction. The U.S. is the last major market to still use the old-fashioned signature system, which is the primary reason why about half of the world's credit fraud happens in the U.S.

What is Chip & PIN?

Basically, we are replacing our signature with a PIN code. Each card will include [...]

February 10th, 2014 | Compliance, Computer & Network Security, PCI, Research

Top 25 Passwords from 2013: 123456 reigns supreme

2013 crowned a new champion for the #1 password, based on passwords collected from data breaches. The top password for 2012 was 'password,' but in 2013 '123456' reigns supreme. SplashData, a security firm, releases their findings each year of the top passwords discovered from breaches. This year, due to the size of the Adobe breach, you'll see some Adobe passwords make the list.

1. 123456 (+1)
2. password (-1)
3. 12345678 (0)
4. qwerty (+1)
5. abc123 (-1)
6. 123456789
7. 111111 (+2)
8. 1234567 (+5)
9. iloveyou (+2)
10. adobe123
11. 123123 (+5)
12. admin
13. 1234567890
14. letmein (-7)
15. photoshop
16. 1234
17. monkey (-11)
18. shadow
19. sunshine (-5)
20. 12345
21. password1 (+4)
22. princess
23. azerty
[...]

January 21st, 2014 | Compliance, PCI, Privacy

Target Data Breach Timeline

Updated: Originally posted by the WSJ, and sourced here from Business Insider, Target had a warning last spring about a new emerging threat against POS systems. Internal analysts requested additional scrutiny.

Updated: According to an article posted on KrebsOnSecurity, "the initial intrusion into its systems was traced back to network credentials that were stolen from a third party vendor."

The recent retail breaches show that compliance is not enough. Cyber security needs to be an organization-wide initiative:

Initial Target Data Breach

Breach: Target, sometime between Thanksgiving and December 15th, 2013. Estimated 40 million records.
Discovered: Sometime around mid-December 2013.
Reported: Target confirms [...]

Target Stores said to have data breach of over 40 million customers

Source: http://news.cnet.com/8301-1009_3-57616054-83/target-investigating-massive-black-friday-data-breach-report/

Everyone will be attacked, and many will be breached. Have you taken steps to protect your organization or made plans for how to react in the event of a data breach? Securit360 offers services to fortify your security programs, train your employees, and measure your vulnerabilities.