Monthly Archives: December 2011

Is Public-Private Information Sharing Needed to Respond to the Massive Increase in Cyber Attacks?

Interesting article in Friday’s Wall Street Journal on potential cybersecurity legislation to improve information sharing between industry and government.  Perhaps the best part of the article is the citation of statistics from Symantec’s annual Internet Security Threat Report:  Trends for 2009 and 2010 on how many customer has updates Symantec sent out to address new attacks customers were facing:

  • 2002:  20,254 updates
  • 2003:  19,159 updates
  • 2004:  74,981 updates
  • 2005:  113,081 updates
  • 2006:  167,069 updates
  • 2007:  708,742 updates
  • 2008:  1,691,323 updates
  • 2009:  2,895,802 updates
  • 2010:  10,000,000 updates
  • More

“Once More Unto the Breach, Dear Friends, Once More”: The Increasing Recognition of Complexity in Data Breach Response and Reporting

In an article in today’s New York Times, we get some real-life insight into the difficulties in responding to a data breach.  Even simple questions, like whether or not to report the breach and who is responsible for reporting it, take on unforeseen complexity.

The particular breach in question happened at the Massachusetts eHealth Collaborative, when an employee’s car was broken into and a company laptop stolen. … More

Waiters at High-End Steakhouses Arrested for Stealing Customer Credit-Card Numbers

At most restaurants, when the time comes to pay the check, you hand over your credit card and a waiter you’ve known for only about an hour takes off with your credit card. You trust that the waiter will only charge your meal and won’t make off with your card number.  But if you ever have been to a Legal Sea Foods restaurant, you will notice that the waiter brings a handheld electronic device to your table to swipe your credit card when you are ready to pay the bill. … More