In a recent interview in which the Director of National Intelligence stated that cyberterrorism is a huge threat to our security in the United States, he also said that businesses lost an estimated $1 trillion to cyber crimes in 2008. I can only imagine that that number increased in 2009 and 2010 and will continue to increase. I’ll discuss this more in a post later but just wanted to throw that out there in case it surprised anyone else as much as it did me!
Should Julian Assange go to jail? Is he an international terrorist? I’ve heard so many different opinions on the man and the website who is responsible for the release of so many classified documents and everyone seems to agree that what he did is wrong but what should the punishment be. Maybe you don’t even think he should be punished.
The latest news today was that Assange will be meeting with his attorney and police today to begin to figure out what happened and what if any laws he’s broken. I’d be interested to hear your thoughts on the subject.
Sorry for the absence but things have been crazy around the office and I let blogging get left behind. While I’ve been gone there has been a ton of data breaches and other related events happening so I hope you’ve been able to keep up. While reading an article today I found one that might hit home for some of you. A data storage company suffered a breach and lost HIPAA information for a large number of patients. That information caused the client to spend over $3,000,000 dollars to comply with the breach notification laws.
To read the entire article, click here.
Yesterday, the FTC warned nearly 100 companies that personal information about employees and customers had been breached. Although the FTC wouldn’t identify the companies, they did say they included both public and private companies, small to large companies and included schools and governmental entities. It appears the source of all this lost data was none other than P2P file sharing networks on the companies computer systems. Restricting your employees from using popular P2P programs like Limewire and Kazaa is one of the first things I advise small business owners to do to protect their data. I can understand a smaller business owner not knowing the risks presented by these programs but a large publicly traded company ignoring this risk shows how far we still have to go in war against cyber criminals.
To read the article, click here.
There was a great article in the National Journal yesterday about insurers helping protect companies from a cyber attack. In 2002, the Bush administration worked hard with insurance companies to broaden coverages helping protect a company in the event of a breach. These coverages have been slow to take off but due to the recent well publicized breach last week involving China and Google some experts think companies will begin to take this coverage more seriously.
To read the National Journal article, click here.
Recently code was leaked that allowed people to easily hack into Gmail accounts for people using IE 6. Although it is an older version of Internet Explorer, it is still present on old PC’s and people’s work computers. Google said that it was hit by the cyber attacks from China and most of them involved accessing Gmail accounts of Chinese Human Rights activists.
In a recent blog post written by the Ponemon Institute they discuss how to create a culture of privacy in your organization. Just as organizations who take employee safety seriously have less risk of an injury, companies who take data security seriously have less of a chance of suffering a breach. Put up reminders in the office to make sure all attachments are secure before sending them out, reminding people to change passwords and set passwords on laptops and mobile devices, or hold an annual seminar to keep employees aware of relevant issues. These are just a few of the many things you can do to create a culture of privacy in your organization.
To read the complete post, click here.