Tag Archives: PII

THE JP MORGAN CHASE HACKER INDICTMENTS EXEMPLIFY HOW BACKWARD THE INFOSEC SPACE IS

Cybersecurity audits mean nothing to hackers. And in fact, neither do short-sighted privacy regulations. Hackers have been showing us this for years. And not just because they find ways to exploit systems before you have a chance to lock them down. It’s more than that. Hackers find value in your systems and data that you […]

INCIDENT RESPONSE: KNOWING YOUR OBLIGATIONS IN THE EVENT OF A SECURITY BREACH

Author: Glenn A. Stout, Ph.D, PMP Your organization just experienced a data security incident. All of the data that was entrusted to your organization to be kept safe is now “out there” on the Internet.  Your organization doesn’t have an incident response plan.  Who do you call?  When should you call?  What information needs to be […]

Universities Remain a Rich Target for Hackers

Schaumburg, IL, April 9, 2014:  In 2013, HALOCK Security Labs noted information security vulnerabilities at colleges and universities along with numerous challenges that plague these institutions across the United States.  More breaches may come to light if higher education institutions do not rethink their security measures.

Darrell Issa Just Learned the Difference Between Compliance and Security. Let’s Hope for a Payoff.

Darrell Issa’s House Committee on Oversight and Government Reform has been busy looking into the security of the healthcare.gov website and its connected systems.

Some Mortgage Lenders May Be Putting Sensitive Financial Data At Risk, Finds HALOCK

FOR IMMEDIATE RELEASE HALOCK Investigation finds that over 70% of mortgage lenders may be putting sensitive financial data at risk through their application processes Schaumburg, IL, January 29, 2014: Cybersecurity firm HALOCK Security Labs found many of the nation’s large and small mortgage lenders allow for information sharing practices that may put applicants’ personal and […]

Expecting the Unexpected, Removing Fear From a Security Incident

Once again another company is on the heels of a massive data breach where intellectual property, customer records, private information, you-name-it, has been compromised. The recent news of Adobe Systemsi where a malicious entity stole intellectual property and accessed millions of credit card numbers is another case where “if there is a will, there is […]

California’s New “Do Not Track” Privacy Law is Weak … As Expected

  If you operate a web site that accepts personal information from California residents, you may be aware that California’s amended CalOPPA law has added a “do not track” requirement this month. California’s legislators have added to the already-weak law a new, value-less clause that gives the appearance that the law does something that it […]

Your Policies Can Hurt You, Part 2: Overzealous Policies Can Create Breach-Prone Environments

Early on in my information security career I was auditing a firm that conducted complex economic analyses for their clients. They processed a lot of personal information and they wanted to be sure they were applying appropriate controls to safeguard that information. Part of their business model was to charge their clients per hour for […]