http://www.atthebreach.com/blog/the-true-cost-of-a-data-security-breach-the-heartland-case-study/
August 10, 2009
The True Cost of a Data Security Breach: The Heartland Case Study
While not enough information has been released to know the full measure of the Heartland data breach, bits and pieces have come and and we can begin to understand the impact to a company that has a serious data security breach. Kevin Prince of Perimeter eSecurity touched on this subject in a series of data breach studies he has done over the past couple of years. In his examples, sometimes there seemed to be a clear relationship between a companies stock price and the announcement or public awareness of a data security breach. Other times the correlation could not be made.
Look for yourself in the case of Heartland in the attached graph of the Heartland stock ticker over the past year.
… Not only did Heartland have approximately a 40% stock drop the day this was announced, the stock continued to drop for some time. Heartland recently announced their Q2 2009 financials which includes the cost and write-offs associated with the data security breach. [Article]
They specifically noted that $.32/share was the write-off amount associated with resolving issues with their data security breach. They said this was associated with the $19.4 million dollars it cost them to settle these issues. This resulted in a quarterly loss of 2.6 million ($.07/share) for Q2.
This also does not include the money they are putting into deploying end-to-end encryption which is their answer.
It should be noted that both Visa and Mastercard have said that Heartland was not PCI compliant at the time the breach occured. [...but Heartland had passed their last PCI Audit, so this is likely just the credit card companies spin on their security failure. Bob]
Unreal statistic. If 69% of the Fortune 500 had a 40% stock drop, we'd have a recession... Oh, wait... It can't be that bad in the US, can it?
http://www.pogowasright.org/?p=2710
Australian data breaches on the increase
August 11, 2009 by Dissent Filed under Breaches, Non-U.S.
Almost 70 percent of Australian businesses and organisations were hit by one or more data breach incidents in the past year, a major increase on the situation in the previous 12 months.
IT security professionals at 482 enterprises were surveyed and 69 percent of the organisations had been hit once or more – up from 56 percent in the previous year – while the number of firms (41%) experiencing multiple breaches, or more than two data loss incidents, rose by 28 percent over the previous year.
Data protection company, PGP Corporation, has released the results of the second annual study by The Ponemon Institute, which also revealed that of those organisations that did admit to a breach in the last 12 months, 65 percent were never publically announced, as there was no legal or regulatory requirement to disclose the incidents.
Read more on ITWire.
(Related) Yep, it can.
http://www.pgp.com/insight/newsroom/press_releases/encryption_trends_us_09.html
Press Release: 85% of US Organizations Hit by One or More Data Breaches within the Last Twelve Months
Even in the land of cheap labor, technology has a place. Imagine the number of cameras it will take to match the coverage in the UK.
http://www.pogowasright.org/?p=2698
China to expand surveillance cameras
August 11, 2009 by Dissent Filed under Non-U.S., Surveillance
China’s police say they have installed 2.75 million surveillance cameras since 2003 and are expanding the system into the largely neglected countryside.
The cameras are the most visible components of police surveillance and notification systems installed around the country, mainly in urban areas, according to a news release posted Monday on the Public Security Ministry’s Web site.
Read more from the AP in the Chicago Tribune.
When I say surveillance is ubiquitous, I mean it's everywhere... (Imagine the intelligence that software vendor is gathering if there is a backdoor in the their spyware...)
http://www.pogowasright.org/?p=2712
Saudi women use spyware to monitor spouses’ activity
August 11, 2009 by Dissent Filed under Internet, Non-U.S., Surveillance
Women in Saudi Arabia are randomly loading spyware on the desktops, laptops, and other electronics related to the Internet of their husbands to monitor for unfaithfulness or attempts at infidelity.
Say experts that spyware is referred to any stealthy, malicious PC software which gathers personal information transmitted via the Internet.
Reportedly, the software that Saudi women are using is comparatively costly about SR 1,000 (US$267), however, it seems to be easy to plant while hard to discover. Further for a nation where women are not without reason to fear their spouses’ behavior like suddenly marrying a new girl, the temptation of following the movements of a probable errant husband is nothing unnatural.
Nevertheless according to scholars in the Islamic community, this act of spying goes against the Shariah law for, Islam supports privacy protection and the new software undoubtedly violates it outright. Also as per Sheikh Saleh Bin Abdullah al-Shamrani, a religious expert and an Islamic Culture Professor at the Scientific Institute, Shariah law forbids all forms of computer spying. ASHARQ ALAWSAT reported this on July 24, 2009.
Read more on SPAMfighter.
Opting out takes work! You have to be smarter than all the marketing department schemes ever invented.
http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/
You Deleted Your Cookies? Think Again
By Ryan Singel Email Author August 10, 2009 7:39 pm
More than half of the internet’s top websites use a little known capability of Adobe’s Flash plugin to track users and store information about them, but only four of them mention the so-called Flash Cookies in their privacy policies, UC Berkeley researchers reported Monday.
Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not.
Should this be classes as surveillance or health care? (When your coverage runs out, a simple click of the mouse shuts off your pacemaker.) We'll need to read the health care bill (if they ever produce one) carefully for terms like “full use of technology” or “instant access to medical devices” We'll also have to watch what the hackers are doing more closely.
First Internet-Connected Pacemaker Goes Live
Posted by ScuttleMonkey on Monday August 10, @01:41PM from the jailbreak-your-heart dept.
The Register is reporting that a New York woman has become the first person to have their pacemaker wirelessly connected to the internet for full-time monitoring.
"The device contains a radio transmitter which connects to receiving equipment in New Yorker Carol Kasyjanski's home, using a very low-power signal around 400MHz, to report on the condition of her heart. Any problems are instantly reported to the doctor, and regular checkups can be done by remotely interrogating the home-based equipment — the pacemaker itself doesn't have an IP address, fun as that would be."
Why is the Internet such a great tool for surveillance?
MySpace generation happier to talk online than real life
The MySpace generation is more able to talk about themselves online than in the flesh, a survey suggests.
Published: 7:00AM BST 10 Aug 2009
… A survey of British MySpace users aged 14 to 21 found that 36 per cent found it easier to talk about themselves online than in the real world and thought their online friends knew more about them than their off-line ones. [I've long been an advocate of online psychiatry. True anonymity is the best way to learn what you patients are really thinking. (but where do you send the bill?) Bob]
Google's CEO was a big Obama supporter. Does this suggest that it pays to have the President's ear?
http://www.pogowasright.org/?p=2706
U.S. web-tracking plan stirs privacy fears
August 11, 2009 by Dissent Filed under Govt, Internet, Surveillance
The Obama administration is proposing to scale back a long-standing ban on tracking how people use government Internet sites with “cookies” and other technologies, raising alarms among privacy groups.
A two-week public comment period ended Monday on a proposal by the White House Office of Management and Budget to end a ban on federal Internet sites using such technologies and replace it with other privacy safeguards. The current prohibition, in place since 2000, can be waived if an agency head cites a “compelling need.”
[...]
Two prominent technology policy advocacy groups, the Electronic Privacy Information Center and Electronic Frontier Foundation, cited the terms of a Feb. 19 contract with Google, in which a unnamed federal agency explicitly carved out an exemption from the ban so that the agency could use Google’s YouTube video player.
The terms of the contract, negotiated through the General Services Administration, “expressly waives those rules or guidelines as they may apply to Google.” The contract was obtained by EPIC through a Freedom of Information Act request.
“Our primary concern is that the GSA has failed to protect the privacy rights of U.S. citizens,” EPIC Executive Director Marc Rotenberg said. “The expectation is they should be complying with the government regulations, not that the government should change its regulations to accommodate these companies.”
Read more in The Washington Post.
Google is so old school – try the new Google!
http://tech.slashdot.org/story/09/08/11/0349217/Google-Previews-New-Search-Infrastructure?from=rss
Google Previews New Search Infrastructure
Posted by kdawson on Tuesday August 11, @03:01AM from the not-standing-still dept.
Google has announced a "developer preview" of a new search infrastructure, though one wouldn't have to be a developer to try it out. Google is asking for feedback on how the search results in the new regime stack up against the old. Matt Cutts has posted a mini FAQ. Some early testing indicates that the new search may be faster in some cases, and return more relevant results, than the old one. Those who attempt to game Google search for a living will be scrambling henceforth. Has anyone identified the new crawler bot in log files?
Global Warming! Global Warming! For God's sake, don't tell Al Gore!
http://news.slashdot.org/story/09/08/11/034221/Earths-Period-of-Habitability-Is-Nearly-Over?from=rss
Earth's Period of Habitability Is Nearly Over
Posted by kdawson on Tuesday August 11, @05:38AM from the nice-while-it-lasts dept.
xp65 writes
"Scientists at this year's XXVIIth General Assembly of the International Astronomical Union in Rio de Janeiro, Brazil agree that we do not yet know how ubiquitous or how fragile life is, but that: 'The Earth's period of habitability is nearly over on a cosmological timescale. In a half to one billion years the Sun will start to be too luminous and warm for water to exist in liquid form on Earth, leading to a runaway greenhouse effect in less than 2 billion years.' Other surprising claims from this conference: that the Sun may not be the ideal kind of star to nurture life, and that the Earth may not be the ideal size."
Humor: Go to Google and type in the search phrase “twitter is “and look at the suggested phrases.
No comments:
Post a Comment