87% of Business in 2012 survey have no Acceptable Use Policies Phishing attacks are now among the top security risks for organizations. Yet, according to a recent survey of small and medium-sized businesses (SMB), a full Eighty-seven (87%) percent do not have a formal written Internet security policy for employees. These findings are from a […]
Category Archives: Policy Related Incidents
The Privacy Rights Clearinghouse recently released their review of what they call the most significant data breaches of 2011. Even if you have read about each of these incidents before, they are worth reading again in summary form. What is perhaps most striking is how the most basic security policies and procedures are often the […]
In September 2011 a security researcher purchased some used network equipment for about $30 USD from Ebay. Once the equipment was delivered, the researcher found that it used to belong to the UK National Air Traffic Services (NATS) and that loads of sensitive data was still stored on the device, including network IP addresses and […]
One of the most intriguing cyber-security stories ever is the recent hack and public smearing of information security from HB Gary by hacker group Anonymous. The incident relates to the WikiLeaks scandal, and the ongoing fear that major corporations might be the next victims of embarrassing document leaks. Tech writers Michael Riley and Brad Stone […]
Reports from the last few months have generated another wake-up call for those concerned with the security of the nation’s critical infrastructure. In addition to audit reports of widespread vulnerabilities among agencies managing the infrastructure, the first malicious software was discovered “in the wild” that specifically targets the SCADA system employed to manage these networks. [...]
In July 2007, several contractors of Los Alamos National Laboratory were fined a total of $3.3 million for failing to adequately protect data as required in their contracts. The Department of Energy (DOE) initiated formal enforcement actions against specific current and former contractors, the reports said that investigations revealed that the contractors failed to prevent […]