If you’ve never checked out http://www.privacyrights.org, I would encourage you to do so. It’s a listing of all breaches made public from 2005 up to the present, presented in reverse chronological order. They collect the information from a variety of sources.
You can filter your search by checking/unchecking various boxes on the following:
Unintended disclosure (DISC) – …
From Veracode and industry experts – Top Development Application Security Mistakes to Avoid
1. Don’t wait until the last minute to include security measures. Too many developers wait to test an application’s security until the application has already been built. Instead, they suggest thinking about security during the analysis layer to avoid creating major problems.
2. Identify …
This was taken from an article from Dark Reading, covering a recent Gartner Security & Risk Management Summit. Gartner experts were discussing how to defend against 4 main types of attack threats.
1. Distributed denial-of-service (DDoS) and denial-of-service
Gartner’s advice for stemming a DDoS attack: First, assess the financial impact of losing your organization’s Web presence and …
I’m going to refer to something else from a previous blog post, the one about Verizon’s 2012 Data Breach Report.
One statistic they mentioned was that 96% of victims subject to PCI DSS had not achieved compliance. What does that say? They probably would have stood a better chance had they been compliant.
The PCI Data Security Standard, though judged …
If you haven’t read the Verizon 2012 Data Breach Report, you may want to check it out. It contains a wealth of information on what’s going on in information security breaches. Here’s a link:
Some interesting tidbits:
Who’s behind data breaches:
98% came from external agents
4% implicated internal employees
<1% committed by business partners
58% of all data theft …