I'm often surprised at the public's disappointment with the realization that security processes are not directly analogous to the medical notion of immunization. In fact, single-shot protection does exist, and it serves to defuse individual threats with the simple application of patches, firewall filtering or other methods of protecting against single attack vectors.
This past Christmas season hasn't been kind to the Target chain of retail stores nor to its brand. A brazen attack took place in December that affected its retail locations in a major way, somehow compromising 70 million payment cards. Those losses were then augmented by up to 40 million user accounts stolen by good old fashioned hacking
First, the robots. They're cute. they're animated. And you can replay the clip as many times as you want, for free. As for the cyberfraud bit, that's a different story. In years past, I published lists of predictions for the new year, chronicled notable events and published timely stories. This time I just have 3 quick points to share and you can return to planning the festivities...
In a recent press release we echoed the Privacy Commissioner's concerns over growing numbers of data breaches occurring in 10 government agencies. Over 3000 inadequately reported data breaches took place at the Canadian Revenue Agency, Fisheries and Oceans, Public Safety, Employment and Social Development Canada, Justice Canada, Citizenship and Immigration, Passport Canada, the Correctional Service, the RCMP, the Parole Board and Veterans Affairs. Here are 5 best practices that represent a win-win for businesses, government agencies and the public.
People often confuse information protection with IT security. One of the reasons I resist the compartmentalization of my craft as IT security is that, as important as it is, IT security not only reduces the scope of my work by at least two-thirds, but it misses the point of what it means to truly enable protection for the intangible. It absolutely depends on people who are interested, educated and dare I say it, passionate. Security doesn't work without a high level of consistent human engagement. Privacy fails without passion and respect. In fact, nothing I can think of works well without a high degree of emotional investment.
Why is this? Why can’t we systematize everything and build an app for it? Because we are dealing with a substance free from physical properties. Information is intangible, tasteless, colorless and for the most part, odorless. It is perhaps the most impactful of substances, driving world economies and impacting everyone on the planet on a very individual level. And so, our relationship with information is very personal and delicate. Although it doesn’t impact our senses the way a piece of cheese or silly putty do, it can assault our being and drive our existence in powerful ways. And yet, we can't touch it.