Granted that the
“network” handled low level data, but really, FOUR YEARS?
No one noticed (did they even look?) for four years?
Angela Moscaritolo
reports:
The
Finnish government has confirmed it suffered a “serious data
security violation,” which was reportedly carried out over a
period of four years and allowed hackers to pilfer unspecified
amounts of data.
The
breach affected the Finnish Foreign Service Internet network, which
contains information and data “of the lowest classification level,”
according to a statement
from Finland’s Ministry for Foreign Affairs. The leak did not
affect classified, confidential, or secret information, and there is
no indication that any international data was stolen.
Read more on PCMag.
Do I have your
attention now? Even without the skew introduced by exceptionally
large breaches, the numbers should make for interesting boardroom
conversation.
NetDiligence has
released its 2013 report on “Cyber Liability & Data Breach
Insurance Claims” based on actual claims submitted:
This
report summarizes our findings for a sampling of 145 data breach
insurance claims, 140 of which involved the exposure of sensitive
data in a variety of sectors, including government, healthcare,
hospitality, financial services, professional services, retail and
many more.
Their key findings
include:
- PII was the most frequently exposed data (28.7% of breaches), followed closely by PHI (27.2% of breaches).
- Lost/Stolen Laptop/Devices were the most frequent cause of loss (20.7%), followed by Hackers (18.6%).
- Healthcare was the sector most frequently breached (29.3%), followed by Financial Services (15.0%).
- Small Cap ($300M-$2B) and Nano cap (< $50M) companies experienced the most incidents (22.9% and 22.1% respectively). Mega-Cap (> $100B) companies lost the most records (45.6%).
- The median number of records lost was 1,000. The average number of records lost was 2.3 million. [What a wild distribution! Bob]
- Claims submitted for this study ranged from $2,500 to $20 million. Typical claims, however, ranged from $25,000 to $400,000.
- The median claim payout was $242,500. The average claim payout was $954,253. However, many claims in our dataset have not yet been paid. If we assume that, at a minimum, the SIR will be met, the median claim payout would be $250,000 while average claim payout would be $3.5 million.
- The median per record cost was $107.14. The average per record cost was $6,790. However, if we exclude outliers (incidents with a low number of records exposed but extremely high payouts), the median per-record cost was $97 and the average per-record cost was $307.
- The median cost for Crisis Services (forensics, notification, credit monitoring and legal guidance) was $209,625. The average cost for Crisis Services was $737,473.
- The median cost for legal defense was $7,500. The average cost for legal defense was $574,984.
- The median cost for legal settlement was $22,500. The average cost for legal settlement was $258,099.
You can download the
report here
(pdf).
Something to pass along
to your Computer Security Manager
How
To Avoid CryptoLocker Ransomware
Ouch! So nasty I love
it!
New
Yorker cover takes Obamacare back to the tech past
Would you let this man
into your country? Imagine what he might reveal!
In
letter to German lawmakers, Snowden speaks of his 'moral duty to act'
In a letter delivered
to German lawmakers Friday, former NSA contractor Edward Snowden said
he'd like to be able to travel to their country to assist in a
parliamentary investigation of mass surveillance, and he accused the
US government of "systemic violations of law" and of
"criminalizing political speech."
Why would a Satellite
or Cable company do this?
The
Federal Court of Canada has ordered Canadian cable giant Bell TV to
pay a Beechville, N.S., man $21,000 in damages after the company
accessed his credit report without permission.
In
a ruling this week, the court used harsh language to describe Bell’s
conduct, saying the matter was “reprehensible” and chided the
company for not even showing up to the court hearing.
Read more on CBCNews.
via Canadian
Privacy Law Blog.
The ultimate in
eavesdropping?
DARPA
developing implant to monitor brain in real time
Interesting. Is it a
“Privacy Right,” or do we have a “Right to be left alone?” I
think the latter is more easily defined and certainly more obviously
violated.
Orin Kerr writes:
United
States privacy law traditionally has only protected the privacy of
those in the United States and U.S. citizens abroad. Over at Just
Security, David Cole argues that this should change.
Privacy is a human right, he argues, and U.S. law should protect
the privacy of foreigners all around the world. David offers
three pragmatic reasons for his approach, but I don’t find his
arguments persuasive.
Read more on Lawfare.
Worth setting your DVR?
The Privacy and Civil
Liberties Oversight Board will be holding a public hearing on Monday,
November 4:
Consideration
of Recommendations for Change: The Surveillance Programs Operated
Pursuant to Section 215 of the USA PATRIOT Act and Section 702 of the
Foreign Intelligence Surveillance Act
All sessions will be
streamed live on www.c-span.org
and live on Networks:
9:15a-11:45a C-SPAN 2
1:15p-4:30p C-SPAN
If you’d like to
attend in person, the hearing will be held at:
Renaissance Mayflower
Hotel – Grand Ballroom
1127 Connecticut Ave
NW, Washington DC
The doors open at 8:45
am.
When people started
putting TVs in cars, many states passed laws forbidding the placement
of screens where drivers could see them and be distracted. Will
those laws need to be modified?
Hudway
app delivers windshield HUD for driving
… Hudway
is a free iPhone
app (coming for Android
by February of next year) that reflects driving directions onto your
windshield for low-visibility conditions.
It works off the back
of Google Maps. You build a route on the map, which the app then
preloads so it can be used offline -- useful if connection is
intermittent or you don't want to use data. You then place your
phone on your dashboard (we recommend securing it with some kind of
mount or Blu-tack) and driving directions are displayed reflected off
the glass.
A very tough business
model to figure out. Even then, would it be truly profitable?
Peapod
who? Online grocer shows Amazon, Walmart how it's done
… Groceries in
general is not an easy business. The margins are low, the products
are perishable, and the storing and transportation details can be
complex. But the potential rewards are worth reaping.
There are more than 115
million households in the US, according to Balzer, and everybody
needs to eat. Even a small piece of the grocery business means
billions of dollars for companies, he said.
I think we need videos
like these that do not assume an elementary school audience. I have
math students who were never exposed to some of these basic concepts.
(It wouldn't hurt to stop talking down to the younger ones
either...)
– Math is a subject
which everyone pretty much dislikes, but it is essential to be able
to add, subtract, multiply, and divide numbers, if you are going to
be financially literate in life. Therefore young kids should improve
their math as much as possible. Math Live is an interactive site
with lessons on all areas of math.
Just to illustrate the
technologies
Turn
an Android Device Into a Laptop With Four Keyboard Technologies