The real cost of a security breach: 1 to 53 million USD per year

July 27th, 2010 by Agent Smith (0) Data Theft & Loss,Research and Studies,endpoint security

If you had any doubt that security breaches cost companies a lot, it is all clear now – the damages companies have to deal with after one breach are overwhelming! According to recent reports by te Ponemon Institute, organizations get hit by at least one successful attack per week, and the annualized cost to their bottom lines from the attacks ranges from1 million to 53 million USD per year. The reports were based on the analysis of 45 U.S. organizations hit by data breaches.

Ponemon Institute’s released two separate reports,  ”The First Annual Cost of Cyber Crime Study” (PDF), which was sponsored by ArcSight, “The Leaking Vault” (PDF) released today by the Digital Forensics Association, both showing troubling findings for companies’ finances: Read more

Obama Administration Issues Progress Report On Cybersecurity

July 16th, 2010 by Agent Smith (0) In The Spotlight,In the News

US President Obama and cybersecurity czar Howard Schmidt have both issued statements on cybersecurity presenting very optimistic progress reports and supporting increased activity in the private sector.

Some of the points discussed in the progress reports included the recent organizational changes and new cybersecurity initiatives of the Obama administration presented as evidence that the White House is making advances on the cybersecurity front.

“President Obama appointed a Cybersecurity Coordinator to provide White House leadership on cybersecurity issues,” the progress report says. “The Cybersecurity Coordinator leads a new Cybersecurity Directorate within the National Security Staff (NSS), works closely with the economic team, and has created a close partnership with the Office of Management and Budget (OMB) and the Office of Science and Technology Policy.”

As stated before while speding a year to decide who will be the czar everyone expected, cybersecurity is considered a “key management priority” by the white house.

“Enhancing cybersecurity is a central component of the Administration’s Performance Management Agenda,” the progress report says. “The Federal Chief Performance Officer has targeted key performance strategies for improving government operations, which include moving to real time monitoring and integrating cybersecurity into system design, rather than bolting it on as an afterthought.”

I am thrilled to see things are movig along just fine and the White House is also focusing on ecouraging cybersecurity projects in the private sector as well. Let’s hope they keep it up and others start following their lead.

For more details of the two statements, visit DarkReading.

SMBs start taking security seriously

June 28th, 2010 by Agent Smith (0) Research and Studies

Tired of being the main target of cybercriminals and other mean characters of the virtual world, SMBs are reconsidering their stand of security and starting to seriously apply it to their corporate infrastructures. These are the finding of a new survey conducted by Applied Research and published by Symantec. The new report shows that SMBs views have drastically changed over the past year, leading to more spendings on IT security and giving security policies a higher priority.

“Last year when we conducted this survey, a lot of SMBs were very confident in their security posture, but they weren’t always clear on the threat,” says Monica Girolami, senior product marketing manager at Symantec, who worked with Applied Research on the study. “This year they realize that they have gaps in their security stance, and they’re getting more serious — in fact, they rated data loss and cyberattacks as their top risks, even above natural disasters.”

Read more

Cybersecurity certifications to be recommended by the White House

June 10th, 2010 by Agent Smith (0) In The Spotlight,Laws & Standards

White HouseWhile their cybersecurity czar plans have been delayed for so long we were all a bit tired for waiting, the White House approach to fighting cyber threats seems to have found a new focus these days: recommending training, exams and detailed certification requirements for cybersecurity professionals employed or contracted by the federal government. And this is going through the careful review of a commission whose main purpose is to advise the Obama administration on cybersecurity policy.

The Commission on Cybersecurity for the 44th Presidency, which in December 2008 issued its Securing Cyberspace for the 44th Presidency report to Congress, is currently working on a sequel to that report, due sometime in late June or early July. The commission, made up of a who’s who of experts and policy-makers, is debating strategies for building and developing a skilled cybersecurity workforce for the U.S., as well as issues surrounding an international cybersecurity strategy and online authentication.

Read more

Study by KPMG sees “Business crime on the rise in Germany”

January 21st, 2010 by Robert (1) DLP,Data Theft & Loss,Default,Identity Theft,In the News,Research and Studies,endpoint security

As many as 37 percent of German companies were the victim of economic crime in the last three years, a new study has found. Internet fraud and the theft of business secrets have become a particular problem.
The use of USB Flash Drive in high capacity has made it easy to steal even the most complex business or construction plans in just a few seconds.

A USB Thumbdrive is all that’s required to steal valuable information.

A new study carried out by the German research institute Emnid for the financial services firm KPMG has found that criminal methods are being used more and more often in the ruthless and competitive world of business.

The survey, which took in 375 companies of all sizes, found that around one in three companies had been the victim of business crime. Two thirds of the companies surveyed also expected the level of criminality to rise.

The biggest economic crimes remain fraud, theft, embezzlement and breach of trust, but money-laundering and the forgery of accounts and financial information have all risen since the last survey was carried out in 2006.

Ignorance breeds carelessness

According to KPMG spokesman Frank M. Huelsberg, companies still need to be more aware of how crimes operate. “Despite these alarming results, small and medium-sized companies are particularly prone to underestimate the danger of falling victim to crime,” he said.

Fifty-six percent of the employees surveyed said that their company was less likely to be a victim of economic crime than a major corporation, while 76 percent believe they have made adequate security arrangements.

banner-sky.jpg

“Privately- or family-owned companies like to put their trust in their employees. But that makes them vulnerable,” Huelsberg said, “Experience shows that basic security mechanisms are often neglected in such companies.”

Third-party threat

In 62 percent of economic crimes involving small and medium-sized companies, employees conspired with an external third party. This figure is only 40 percent with large companies.

The theft of business or operational secrets is a growing threat, according to the study. A third of small and medium-sized companies have been a victim of such theft, the study said.

“The sale of sensitive information to competitors or criminals is particularly strong in times of economic crisis,” Huelsberg says, “Nowadays even the most complex construction plans fit on a USB stick. Data theft and industrial espionage can be child’s play if security fails, and the loss of sensitive designs or formulas can be fatal for a small, innovation-based company.”

Read the enitre article here on DW.

« Previous Entries
© Endpoint Security Info 2010. Wordpress Theme by Arcsin

blogarama - the blog directory Technology Blogs - BlogCatalog Blog Directory Blog Directory Find Blogs in the Blog Directory
valid CSS valid XHTML