Tuesday, March 08, 2011

So... What are my Computer Security students worth now?

http://www.databreaches.net/?p=17005

Corporate data breach average cost hits $7.2 million

March 8, 2011 by admin

The cost of a data breach went up to $7.2 million last year up from $6.8 million in 2009 with the average cost per compromised record in 2010 reaching $214, up 5% from 2009.

The Ponemon Institute’s annual study of data loss costs this year looked at 51 organizations who agreed to discuss the impact of losing anywhere between 4,000 to 105,000 customer records. The private-sector firms participating in the Ponemon Institute’s “2010 Annual Study: U.S. Cost of a Data Breach” hail from across various industries, including financial services, retail, pharmaceutical technology and transportation.

Read more on NetworkWorld. Of note, those who respond quicker to getting notifications out to consumers, seem to be paying more: [Not the statistic I was hoping for... Bob]

About 41% of the respondents in the study said their organization had notified victims within one month of discovering the data breach, up from 36% in 2009. But these so-called quick responders paid $268 per record, up 22% from 2009 — and substantially more than companies that took longer, which paid $174 per record, down 9% from 2009.

Okay, that’s not good. We don’t want entities having to pay more for promptly disclosing. What is increasing the cost of the breach clean-up to entities who respond quickly? According to Ponemon’s press release:

Costs pile up in a rush to make a one-month or less reporting time deadline and don’t necessarily mean companies are doing a better job in the forensics of understanding exactly what happened to them in the data breach, says Ponemon. Instead, it seems to lead to an “over-reporting phenomenon” where more records than were actually in the data breach are reported and publicly disclosed. This may be happening because companies are afraid they will have problems with state or federal regulators or class-action lawsuits if they delay past the one-month timeline, he said.

These data will undoubtedly be used by some to argue for a “take a bit more time and get it right and save money” approach. There’s much to discuss here.



“It's for the children!”

http://www.pogowasright.org/?p=21438

Schools rush to fingerprint children before UK Freedom Bill change

March 8, 2011 by Dissent

Andrea Petrou reports:

Fingerprinting of children has got worse, with “more and more schools falling over themselves” to get pupil biometrics, a rights group has told TechEye.

Action on Rights for Children (ARCH) is wondering if the rush is because of proposed changes in the Freedom bill.

Currently, schools don’t have to ask for parental consent to take fingerprints from children – which can be used to access classrooms, take books out of the library or as a way to provide cashless school dinners.

However, if the bill goes ahead, it will mean schools will require consent from both the parent and child to gain fingerprints.

Terri Dowty, director at ARCH, told TechEye: “Schools are falling over themselves to get fingerprinting before the new rules come into place. We’re pleased about the new proposals, which will mean that children’s parents get a say.

Read more on TechEye.net


(Related) If the trend continues, this will be allowed.

http://yro.slashdot.org/story/11/03/07/2244222/UK-Schools-Consider-Searching-Pupils-Smartphones?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

UK Schools Consider Searching Pupils' Smartphones

"What right to privacy do school pupils have on their mobile phones? UK education officials are considering ways to clamp down on cyber-bullying and classroom disruption by allowing teachers to search and delete content from student handsets if it is deemed unsuitable. However, questions remain whether such a move would give teachers too much power and infringe on student rights."



Is it possible to have an “off the record” conversation when everyone has a camera? See the video and decide for yourself.

If Wikileaks did “spark” regime change in Libya, should they get the Nobel Peace Prize?

http://politics.slashdot.org/story/11/03/08/0339232/Former-MI6-Chief-Credits-WikiLeaks-With-Helping-Spark-Revolutions?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Former MI6 Chief Credits WikiLeaks With Helping Spark Revolutions

"Sir Richard Dearlove, former Intelligence Chief of MI6, credits WikiLeaks with helping spark revolutions in the Middle East, in (what was supposed to be) an off-the-record speech. 'I would definitely draw parallels at the moment between the wave of political unrest which is sweeping through the Middle East in a very exciting and rather extraordinary fashion and also the WikiLeaks phenomenon. Really, what ties these two events together, and of course a number of other events, is the diffusion of power, away from the states and the empowerment of individuals, and small groups of individuals, by technology,' he said."



Was this China or was North Korea using them as a conduit for an attack?

http://www.thetechherald.com/article.php/201110/6913/S-Korea-says-China-targeted-Global-Hawk-purchase-plans

S. Korea says China targeted Global Hawk purchase plans

Shin Hak-Yong, a Democratic member of South Korea’s parliament's defense committee, told local reporters that the Chinese hackers accessed systems used by the defense ministry, in order to access plans to purchase an unmanned Global Hawk aircraft.

“…the government has not raised the issue with China yet and is still debating how to handle it," Shin's spokeswoman said, quoting Shin.

… On Saturday, South Korean National Cyber Security Center said they had seen signs of a Denial-of-Service attack targeting the presidential office, the Foreign Ministry, the National Intelligence Service, U.S. Forces Korea, and financial institutions. Logs of the DoS attacks point to Chinese origin points.

AhnLab spokesman Park Kun-woo said the attacks seen on Saturday are similar to ones that have targeted South Korean websites in the past.

In response to the South Korean claims, China issued a flat dismissal.

"South Korea's news is groundless. China has been blamed for a number of Internet hacker attacks by the US, Japan, Australia and some other countries in the past," Wang Mingzhi, a military strategist at the People's Liberation Army Air Force Command College, told China’s Global Times on Monday.


(Related)

http://yro.slashdot.org/story/11/03/08/0029211/China-Pledges-To-Step-Up-Internet-Administration?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

China Pledges To Step Up Internet Administration

"China says it will step up administration of the Internet this year while continuing to build out the country's fiber-optic backbone and expand broadband access for consumers. Internet administration was mentioned in a keynote report on the work of the government to China's parliamentary session. It underlined the importance of culture and noted the need to 'strengthen the development of civic morality' and 'speed up the establishment of moral and behavioral norms that carry forward traditional Chinese virtues.' The pledge comes amid revelations that DDoS attacks against WordPress last week allegedly originated from China."



As revolutionary as Miranda?

http://www.wired.com/threatlevel/2011/03/post-conviction-dna-testing/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

Condemned Inmate Wins Right to Seek DNA

The Supreme Court on Monday said inmates have a right to sue under a federal civil rights law to seek post-conviction DNA testing.

… The courts held that, under Texas law, a convict must prove, by a preponderance of the evidence, that he or she would not have been prosecuted or convicted had DNA testing been performed. [Kind of a Catch 22? Bob] To get DNA testing, a Texas inmate must also demonstrate that his failure to seek such testing at trial was not a strategic decision.

… At least 22 states had told the justices that granting Skinner DNA testing through a civil rights suit would undermine their individual statutes, which spell out when an inmate is entitled to it.

“To allow this type of procedural legerdemain would both diminish the sovereign interests of the states and at the same time impose a significant burden on the states’ limited law enforcement resources,” attorneys general from the 22 states wrote.

The decision, (.pdf) with Justices Clarence Thomas, Anthony Kennedy and Samuel Alito in dissent, does not necessarily mean Skinner would actually win the right to testing — something his trial lawyer chose not to seek.

Justice Ruth Bader Ginsburg, writing for the majority, ruled only that inmates could sue under the civil rights statute to press a claim that they were unconstitutionally denied DNA testing in state court.



Would this impact some providers enough to drive them into bankruptcy? I bet they make that argument... Note: The comments point to other ways to avoid texting charges.

http://mobile.slashdot.org/story/11/03/07/2139223/Facebook-May-Bust-Up-the-SMS-Profit-Cartel?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Facebook May Bust Up the SMS Profit Cartel

"Fortune had an interesting article recently about wireless providers and their exorbitant profit margins for SMS handling, especially when looking at modern data plans. 'Under the cell phone industry's peculiar pricing system, downloading data to your smartphone is amazingly cheap — unless the data in question happens to be a text message. In that case the price of a download jumps roughly 50,000-fold, from just a few pennies per megabyte of data to a whopping $1000 or so per megabyte.' A young little application called Beluga caught the attention of Facebook, which purchased the company on Thursday. The app aims to bring messaging under the umbrella of data plans, and features group messaging, picture and video messaging, and integration with other apps. The author argues that, if successful, Beluga (or whatever Facebook ends up calling it) could potentially be the Skype/Vonage or Netflix-type competitor to the old-school cellular carriers and their steep pricing plans."

