By: - Independent Computer Security Analyst

@gcluley

Supervalu Shoppers At Risk After Hackers Steal Credit Card Details – and other stores affected too

August 18th, 2014

Customers who have used their credit cards at a US supermarket chain between June 22nd and July 17th 2014 are being warned to check their bank balances, after it was discovered that criminals had hacked their way into networks and potentially accessed shoppers’ private data. Supervalu has published a security advisory on its website, warning that […]



By: - Dir. Solutions Marketing

Infosec Haiku

August 4th, 2014

Anata no joho sekyuritei konshu no haiku Jimmy John’s Gets Hit Payment Systems Breached via Remote Access Vulns   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if […]



By: - Independent Computer Security Analyst

@gcluley

Gambling website Paddy Power took four years to tell 650,000 customers their data had been stolen

August 1st, 2014

Yesterday, popular gambling website Paddy Power found itself admitting that it had suffered a serious data breach – the kind of position that no company ever wants to find itself in. Not that you would know if you visited their website, of course. Because there’s no mention of the issue on the front page that their […]



By: - Dir. Solutions Marketing

Infosec Haiku

July 28th, 2014

Anata no joho sekyuritei konshu no haiku More Data Breaches This Time: Goodwill Industries How Low Will They Go?   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … […]



By: - Dir. Solutions Marketing

Data Breach Costs are Real, Not Unicorns

April 25th, 2014

Recently ran across an interesting commentary by Heidi Shey, a Forrester analyst, entitled Pet The Unicorns And Think Of Protecting Customer Data As A Corporate Social Responsibility. Her main point is that relying on data breach cost numbers to justify security investments is “pretty useless.” She writes: We do need to change our expectations for […]



By: - Information Security Reporter

@kevtownsend

What Does the Target Breach Tell Us About DSS and POS?

March 10th, 2014

In the final analysis, it is going to be Target’s customers that pay the price for this winter’s breach. OK, CIO Beth Jacob has fallen on her sword and departed; but that could hardly be avoided, and “this is a good time for a change” is hardly contrition. Apart from that, the innocent will pay […]



By: - Technology Reporter

@jleclaire

After Target Breach, How Can You Ensure Vendors Aren’t Your Weak Link?

February 20th, 2014

Shocking. That’s one of the best words to describe the feeling among many retail industry watchers when the root of the massive Target breach was determined to be an HVAC contractor. Indeed, news headlines continue to examine all aspects of the story, from the $200 million it cost to replace credit cards, to reports of […]



By: - Dir. Solutions Marketing

Global Trends in Data Protection Maturity

January 30th, 2014

The other day, coinciding with Data Privacy Day, we presented the results of our 3rd annual Data Protection Maturity survey. Here’s a quick recap. In late 2013 we conducted an online worldwide survey of IT professionals to find out how much progress is being made in data protection. We had almost 400 completed responses from […]



By: - Forensics and Security Expert

@phenrycissp

Past, Present and Future of Endpoint Security

January 21st, 2014

In the throes of holiday shopping season, 110 million Target customers woke to the news that cleverly placed malware had pilfered their credit- and debit card numbers, along with other sensitive data. We aren’t yet certain who was behind the massive attack on Target and, evidently other large retailers, or how the heist was orchestrated. But […]



By: - Dir. Solutions Marketing

The Many Forms of Server-Side Risk

October 31st, 2013

We recently worked with the editors at SC Magazine on a reader survey about server-side risk. As expected, companies of all sizes are concerned about varied attack vectors that could allow bad-guy access to their mission-critical data. The results show that malware, server misconfigurations (which lead to malware intrusions) and targeted attacks (aka APTs) are […]


By: - Technology Reporter

@jleclaire

How to Avoid Dangerous Data Breaches While Outsourcing

May 20th, 2013

There’s plenty of talk about security threats from internal employees—but what about the threats associated with outsourcing? The stats may (or may not) surprise you. Forty-six percent of organizations do not evaluate the security and privacy practices of vendors before sharing sensitive or confidential information, according to a recent study conducted by the Ponemon Institute. […]


By: - Dir. Solutions Marketing

Market Impact of a Data Breach

May 13th, 2013

In my Changeup post the other day, I mentioned that my colleague Paul Henry had saved an organization an estimated $10M (or roughly 15%) in market cap by showing that an intrusion had no material impact. That got me to thinking: what *is* the typical market impact of a breach? And furthermore, how good are […]


By: - Dir. Solutions Marketing

PSA for Evernote Users: Change Your Passwords

March 4th, 2013

Another day, another breach of a popular cloud-based service. This time it was Evernote, a wildly popular personal note taking app for tablets like iOS devices (iPhones, iPads and iPod Touches) and similar Android devices. The breach was apparently discovered on Thursday 02/28 and made public on Saturday (03/02) morning. Evernote is requiring all of […]


By: - Chairman and CEO, Lumension

@pclawson

October is Cyber Security Awareness Month; What’s Changed?

October 1st, 2012

While our federal government still can’t get its act together enough to pass much-needed cyber security legislation, one thing it has done right is increase awareness about the issue. One of the ways legislators have done so is through the creation of National Cyber Security Awareness Month (NCSAM). October marks the ninth annual NCSAM hosted […]


By: - Chairman and CEO, Lumension

@pclawson

Not reporting a data breach – your reputation may suffer but what about your pocketbook?

July 23rd, 2012

How would you feel if a restaurant, hotel or retailer knew your information had been compromised, but you didn’t find out until fraudulent charges started appearing on your credit card? Or if a company you had invested tens of thousands of dollars in didn’t let you know that it had suffered a data breach? Not […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com