By: - Dir. Solutions Marketing

Data Breach Costs are Real, Not Unicorns

April 25th, 2014

Recently ran across an interesting commentary by Heidi Shey, a Forrester analyst, entitled Pet The Unicorns And Think Of Protecting Customer Data As A Corporate Social Responsibility. Her main point is that relying on data breach cost numbers to justify security investments is “pretty useless.” She writes: We do need to change our expectations for [...]

By: - Information Security Reporter


What Does the Target Breach Tell Us About DSS and POS?

March 10th, 2014

In the final analysis, it is going to be Target’s customers that pay the price for this winter’s breach. OK, CIO Beth Jacob has fallen on her sword and departed; but that could hardly be avoided, and “this is a good time for a change” is hardly contrition. Apart from that, the innocent will pay [...]

By: - Technology Reporter


After Target Breach, How Can You Ensure Vendors Aren’t Your Weak Link?

February 20th, 2014

Shocking. That’s one of the best words to describe the feeling among many retail industry watchers when the root of the massive Target breach was determined to be an HVAC contractor. Indeed, news headlines continue to examine all aspects of the story, from the $200 million it cost to replace credit cards, to reports of [...]

By: - Dir. Solutions Marketing

Global Trends in Data Protection Maturity

January 30th, 2014

The other day, coinciding with Data Privacy Day, we presented the results of our 3rd annual Data Protection Maturity survey. Here’s a quick recap. In late 2013 we conducted an online worldwide survey of IT professionals to find out how much progress is being made in data protection. We had almost 400 completed responses from [...]

By: - Forensics and Security Expert


Past, Present and Future of Endpoint Security

January 21st, 2014

In the throes of holiday shopping season, 110 million Target customers woke to the news that cleverly placed malware had pilfered their credit- and debit card numbers, along with other sensitive data. We aren’t yet certain who was behind the massive attack on Target and, evidently, other large retailers, or how the heist was orchestrated. But [...]

By: - Dir. Solutions Marketing

The Many Forms of Server-Side Risk

October 31st, 2013

We recently worked with the editors at SC Magazine on a reader survey about server-side risk. As expected, companies of all sizes are concerned about varied attack vectors that could allow bad-guy access to their mission-critical data. The results show that malware, server misconfigurations (which lead to malware intrusions) and targeted attacks (aka APTs) are [...]

By: - Technology Reporter


How to Avoid Dangerous Data Breaches While Outsourcing

May 20th, 2013

There’s plenty of talk about security threats from internal employees—but what about the threats associated with outsourcing? The stats may (or may not) surprise you. Forty-six percent of organizations do not evaluate the security and privacy practices of vendors before sharing sensitive or confidential information, according to a recent study conducted by the Ponemon Institute. [...]

By: - Dir. Solutions Marketing

Market Impact of a Data Breach

May 13th, 2013

In my Changeup post the other day, I mentioned that my colleague Paul Henry had saved an organization an estimated $10M (or roughly 15%) in market cap by showing that an intrusion had no material impact. That got me to thinking: what *is* the typical market impact of a breach? And furthermore, how good are [...]

By: - Dir. Solutions Marketing

PSA for Evernote Users: Change Your Passwords

March 4th, 2013

Another day, another breach of a popular cloud-based service. This time it was Evernote, a wildly popular personal note taking app for tablets like iOS devices (iPhones, iPads and iPod Touches) and similar Android devices. The breach was apparently discovered on Thursday 02/28 and made public on Saturday (03/02) morning. Evernote is requiring all of [...]

By: - Chairman and CEO, Lumension


October is Cyber Security Awareness Month; What’s Changed?

October 1st, 2012

While our federal government still can’t get its act together enough to pass much-needed cyber security legislation, one thing it has done right is increase awareness about the issue. One of the ways legislators have done so is through the creation of National Cyber Security Awareness Month (NCSAM). October marks the ninth annual NCSAM hosted [...]

By: - Chairman and CEO, Lumension


Not reporting a data breach – your reputation may suffer but what about your pocketbook?

July 23rd, 2012

How would you feel if a restaurant, hotel or retailer knew your information had been compromised, but you didn’t find out until fraudulent charges started appearing on your credit card? Or if a company you had invested tens of thousands of dollars in didn’t let you know that it had suffered a data breach? Not [...]

By: - IT Security Expert

Use the Yahoo Breach to Educate Your Users

July 13th, 2012

Evidently, this is what the hackers wanted – an opportunity to educate. While the fact that Yahoo did not encrypt customer passwords is yet another instance of embarrassingly low security priorities on behalf of corporate entities, the fact is that Yahoo’s customers who were breached are at fault too. The firm that uncovered the breach [...]

By: - Dir. Solutions Marketing

By the Numbers: US Healthcare Data Breaches

July 12th, 2012

The last time we looked at healthcare data breaches was a couple of years ago, so I thought maybe we should take another look. A listing of breaches of unsecured protected health information (PHI) affecting 500 or more individuals is maintained, as mandated by the HITECH Act, by the US Department of Health and Human [...]

By: - Dir. Solutions Marketing

Uncle Sam Has Yet Another Data Protection Bill

June 25th, 2012

The latest attempt at creating a US Federal data protection / data breach notification law was recently introduced in the Senate. The “Data Security and Breach Notification Act of 2012” (S.3333) was submitted by Sen. Pat Toomey (R-PA) with the support of Sens. Olympia Snowe (R-ME), Jim DeMint (R-SC), Roy Blunt (R-MO) and Dean Heller [...]

By: - Dir. Solutions Marketing

Change Your LinkedIn Password – Now!

June 6th, 2012

LinkedIn – the online professional networking site which I suspect many Optimal Security blog readers use – has apparently been hacked, resulting in something like 6.5M SHA-1 hashed passwords being posted on a Russian hacker site. This evolving situation will certainly be updated throughout the day (and beyond), so I don’t want to recap the [...]
