How to Avoid Dangerous Data Breaches While Outsourcing
May 20th, 2013
There’s plenty of talk about security threats from internal employees—but what about the threats associated with outsourcing? The stats may (or may not) surprise you. Forty-six percent of organizations do not evaluate the security and privacy practices of vendors before sharing sensitive or confidential information, according to a recent study conducted by the Ponemon Institute. [...]
Market Impact of a Data Breach
May 13th, 2013
In my Changeup post the other day, I mentioned that my colleague Paul Henry had saved an organization an estimated $10M (or roughly 15%) in market cap by showing that an intrusion had no material impact. That got me to thinking: what *is* the typical market impact of a breach? And furthermore, how good are [...]
PSA for Evernote Users: Change Your Passwords
March 4th, 2013
Another day, another breach of a popular cloud-based service. This time it was Evernote, a wildly popular personal note taking app for tablets like iOS devices (iPhones, iPads and iPod Touches) and similar Android devices. The breach was apparently discovered on Thursday 02/28 and made public on Saturday (03/02) morning. Evernote is requiring all of [...]
October is Cyber Security Awareness Month; What’s Changed?
October 1st, 2012
While our federal government still can’t get its act together enough to pass much-needed cyber security legislation, one thing it has done right is increase awareness about the issue. One of the ways legislators have done so is through the creation of National Cyber Security Awareness Month (NCSAM). October marks the ninth annual NCSAM hosted [...]
Not reporting a data breach – your reputation may suffer but what about your pocketbook?
July 23rd, 2012
How would you feel if a restaurant, hotel or retailer knew your information had been compromised, but you didn’t find out until fraudulent charges started appearing on your credit card? Or if a company you had invested tens of thousands of dollars in didn’t let you know that it had suffered a data breach? Not [...]
Use the Yahoo Breach to Educate Your Users
July 13th, 2012
Evidently, this is what the hackers wanted – an opportunity to educate. While the fact that Yahoo did not encrypt customer passwords is yet another instance of embarrassingly low security priorities on behalf of corporate entities, the fact is that Yahoo’s customers who were breached are at fault too. The firm that uncovered the breach [...]
By the Numbers: US Healthcare Data Breaches
July 12th, 2012
The last time we looked at healthcare data breaches was a couple of years ago, so I thought maybe we should take another look. A listing of breaches of unsecured protected health information (PHI) affecting 500 or more individuals is maintained, as mandated by the HITECH Act, by the US Department of Health and Human [...]
Uncle Sam Has Yet Another Data Protection Bill
June 25th, 2012
The latest attempt at creating a US Federal data protection / data breach notification law was recently introduced in the Senate. The “Data Security and Breach Notification Act of 2012” (S.3333) was submitted by Sen. Pat Toomey (R-PA) with the support of Sens. Olympia Snowe (R-ME), Jim DeMint (R-SC), Roy Blunt (R-MO) and Dean Heller [...]
Change Your LinkedIn Password – Now!
June 6th, 2012
LinkedIn – the online professional networking site which I suspect many Optimal Security blog readers use – has apparently been hacked, resulting in something like 6.5M SHA-1 hashed passwords being posted on a Russian hacker site. This evolving situation will certainly be updated throughout the day (and beyond), so I don’t want to recap the [...]
Data Breach Trends in the Financial Sector
February 23rd, 2012
Financial institutions are, it seems, doing a better job at protecting customer data than most industries. This is the conclusion one reaches when looking at the latest data in the Chronology of Data Breaches from the Privacy Rights Clearinghouse. Overall, the CDB has 2929 breaches in the 2005–2012 timeframe, involving 544,591,013 records (yup, more than [...]









