Access your Pro+ Content below.
Data breach protection requires new barriers
This article is part of the May 2013 / Volume 15 / No. 4 issue of Information Security magazine
Data shows that publicized hacks, cyberattacks and data breaches continue to increase, and the majority of attacks are from outsiders. According to Verizon's 2013 Data Breach Investigations Report, released in April, 92% of breaches in 2012 were attributed to outsiders, and 19% involved state-affiliated actors. Regardless of the motives and the types of hackers or attackers, it behooves chief information security officers (CISOs) and security staff to take actions to better defend their data from these miscreants. Data theft has consequences for organizations: bad press, impact on reputation, devalued share prices and the costs of investigating the breach. Companies may also have to take legal action and make notifications to affected individuals if a breach involves personal data theft. From the consumer arena to “hactivists,’’ data breaches and disclosure requirements have evolved over several decades. In 1992 the Privacy Rights Clearinghouse (PRC) was formed as a nonprofit in California by Beth Givens, a student at the ...
Access this Pro+ Content for Free!
Features in this issue
Peter G. Neumann shares his thoughts on the inherent complexity of trustworthiness and the evolutionary promise of clean-slate architectures.
Too many compliance programs miss the mark. Tony UcedaVelez explains how leveraging a threat model can re-energize your strategy.
It’s hard to declare Apple security as superior to its competitors, but it’s also hard to fault it as inferior.
Assumption of breach is the new norm. Can this shift help organizations build better levels of data breach protection?
Columns in this issue
Marcus Ranum, security expert and Information Security magazine columnist, goes one-on-one with clean-slate luminary Peter G. Neumann of SRI International and formerly Bell Labs.
Managers need more training about technical security threats and input into IT policies that threaten productivity.