Home/ Groups/ WPPS C-Suite News
sandy ingram

Layoffs could lead to theft of intellectual property, placement of code - 0 views

  • Since we are witnessing one of the greatest surges in layoffs, how have your information security processes been coping with the increase?
  • I hear that many employees, in anticipation of a layoff, are stealing intellectual property. Thus, some damage to the company may be done prior to the layoff taking place.
  • have direct experience of employees who planted code that would disable key functions in the corporate IT system
  • I have met others who have bought their way into competitors using confidential information.
  • To be completely brutal and honest, if you are in a position to be worried about these things then your organisation has not taken its security (in the broadest terms) seriously.
  • Security considerations are starting to move higher up the value chain away from its roots of network centricity towards applications and business concerns.
  • I have been monitoring the IT security industry and what I have noticed is not only the number of layoffs but also that there are so few high-level IT Security jobs being advertised. Too many organisations see IT Security as an expense, and they have a problem seeing the ROI from IT Security projects.
  • how vulnerable is the Global economy to the next big attack.
  • corporations rapidly lose the ability to stop serious security breaches within the company as many in this forum have stated many examples.
  • I have seen many people go to extremes and sell this inside information, corporate espionage to name one example, in order to survive.
  • To understand the seriousness of this economic turmoil affecting corporation globally, a Director of Information Security from one of the largest and most admired global corporations was let go in a downsizing restructuring.
  • Understand that every company large and small is going through profound economic issues trying to do more with less staff.
  •  
    In one case, it was used for extortion, i.e. to demand a better severance package. The other used it for revenge.
sandy ingram

Data Leakage Worldwide White Paper: The High Cost of Insider Threats  [Data L... - 0 views

shared by sandy ingram on 13 Nov 08 - Cached
  •  
    "common examples of employee behaviors that demonstrate a lack of diligence with respect to safeguarding sensitive information include speaking loudly about confidential information in public places, failing to log off laptops, leaving passwords in sight or unprotected, and accessing unauthorized websites."
sandy ingram

Data Leakage Worldwide White Paper: The High Cost of Insider Threats  [Data L... - 0 views

  •  
    Apathy and overwhelming amounts of data are key points why employees lose information
sandy ingram

80% of Australian companies suffered data breach. What protections are in your consult... - 0 views

  • A whopping 34% of respondents report an average breach cost them $5000,
  •  
    What protections are written in your international consultant agreements?
  •  
    A new survey reveals almost 80% of local companies have experienced data breaches in the past five years, with 40% recording between six and 20 breaches
sandy ingram

"The Neb" implemented by IBM - 0 views

  • The basic idea here was that you can’t trust your PC, so you should have a separate trusted device (The Neb) which is used only for final authorisation of transactions - all the work of getting the transaction set up is done on the untrusted PC.
  • only the data relating to the final transaction is sent to The Neb,
  • explicitly, by the server,
  • which then displays it and, if the user agrees, signs it.
sandy ingram

CTO of the USA - 0 views

  • Obama will appoint the nation's first Chief Technology Officer (CTO)
sandy ingram

Amended SB1386 - Health care data security breach explained - 0 views

  • Health care data security breaches in the U.S.
  • New laws and regulations regarding data security breaches and disclosure laws affect the way in which health care organizations do business
  • Notifications can be delayed if law enforcement determines it could hinder a criminal investigation
  • The disclosure shall be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in subdivision (c), or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
  • Any agency that maintains computerized data that includes personal information that the agency does not own shall notify the owner or licensee of the information of any breach of the security of the data immediately following discovery, if the personal information was, or is reasonably believed to have been, acquired by an unauthorized person.
  • “They need to implement proper security measures, like encryption,” Booz says. In addition, the law will require a new level of investment in training for customer service, sales, and other externally facing operations.
  • Individuals affected by data breaches that meet the personal information definition and notification requirements must be notified by using one of three methods: written notice, electronic notice with customer's consent, or substitute notice
  • The purpose of this rule is to secure personally identifiable information (PII) as it travels through the healthcare system. Healthcare organizations, including providers, payers, and clearinghouses, must comply with the Privacy Rule.
  • The new law requires all state agencies and companies that conduct business in California to notify residents when a breach of their medical information occurs.
  • A new California law requiring that customers be notified of a breach involving their medical information is likely to influence legislation in other states.
  • Between 2000 and 2007, nearly half of all health care security incidents that occurred in the U.S. were associated with hospitals.
  • Between 2000 and 2007, 40 percent of publicly known security incidents at health care organizations are classified as data breaches
  • Although data breaches (hackers, malicious employees, social engineering, etc.) only constitute 40 percent of incidents, they account for 57 percent of all records compromised, nearly two and a half times the next closest category.
  • This again speaks to the need for strong policies and procedures. If organizations did not allow sensitive data to leave their facility without being encrypted (for electronic data) or disposed of properly (for physical data), it could eliminate nearly a quarter of the incidents they would face.
sandy ingram

How the Human Brain Buys Security - 0 views

  • It's much easier to sell greed than fear.
  • But all things being equal, buyers would rather take the chance than buy the security.
  • The better solution is not to sell security directly, but to include it as part of a more general product or service.
  • Vendors need to build security into the products and services that customers actually want.
  •  
    The better solution is not to sell security directly, but to include it as part of a more general product or service. Your car comes with safety and security features built in; they're not sold separately. And it should be the same with computers and networks. Vendors need to build security into the products and services that customers actually want. Security is inherently about avoiding a negative, so you can never ignore the cognitive bias embedded so deeply in the human brain. But if you understand it, you have a better chance of overcoming it.
sandy ingram

Schneier on Security - 0 views

shared by sandy ingram on 31 Oct 08 - Cached
sandy ingram

Socialtext | Solutions - 0 views

  •  
    Solutions Delivered on the Business Social Software Platform
sandy ingram

HONcode: Principles - Quality and trustworthy health information - 0 views

shared by sandy ingram on 29 Oct 08 - Cached
  • HON Code of Conduct (HONcode) for medical and health Web sites