If you’ve never checked out http://www.privacyrights.org, I would encourage you to do so. It’s a listing of all breaches made public from 2005 up to the present, presented in reverse chronological order. They collect the information from a variety of sources. You can filter your search by checking/unchecking various boxes on the following:
From Veracode and industry experts – Top Development Application Security Mistakes to Avoid: 1. Don’t wait until the last minute to include security measures. Too many developers wait to test an application’s security until the application has already been built. Instead, they suggest thinking about security during the analysis layer to avoid creating major problems. […]
This was taken from an article from Dark Reading, covering a recent Gartner Security & Risk Management Summit. Gartner experts were discussing how to defend against 4 main types of attack threats.
I’m going to refer to something else from a previous blog, the one about Verizon’s 2012 Data Breach Report.
If you haven’t read the Verizon 2012 Data Breach Report, you may want to check it out. It contains a wealth of information on what’s going on in information security breaches. Here’s a link:
I thought this was an interesting article out of Dark Reading lately – “AutoCAD Worm Targets Design Documents in Possible Espionage Campaign”.
Can’t state it often enough. Security awareness training is more important than ever. Many of the incidents we respond to are caused by malware being downloaded by users. Once it’s in your network, it’s only going to propagate. It’s like a bad roach infestation.
Maintaining HIPAA compliance used to not have much teeth behind it. Times have changed, however, as the Alaska Department of Health and Social Services (DHSS) is all too well aware.
A recent article from Dark Reading covered a Symantec survey of small to medium-sized businesses and their file sharing practices. The survey was conducted by Applied Research in 2011. They spoke with decision makers at 1,325 worldwide SMB organizations with 5 to 500 employees.
Recent article from Dark Reading, June 29: U.S. Critical Infrastructure Cyber Attack Reports Jump Dramatically.