Security Management Strategies for the CIOAccess "LinkedIn password leak: Lessons to be learned from LinkedIn breach"
This article is part of the July/August 2012 issue of Establishing an effective internal security pen testing methodology
The seemingly never-ending stream of data breaches could make it easy to become rather numb to news of another. But the massive LinkedIn password leak, which came to light in June, caught a lot of attention and deservedly so. There were similar password leaks at dating site eHarmony and radio streaming site Lastfm, but the scale of the LinkedIn breach – some 6.5 million passwords – and the fact that LinkedIn is a social networking giant for business professionals, put it in the data breach hall of shame. You’d expect a publicly traded company with more than 160 million members, including executive managers at Fortune 500 businesses, to be diligent about security. But after the millions of LinkedIn passwords were posted to a Russian hacker forum, security experts were shaking their heads at the company’s lax efforts. The company quickly became the butt of jokes in the security community, and its reputation took a beating. “It tends to be viewed as an organization that would give more resources, care and attention to security than others. That’s where they ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
How to pen test: Why you need an internal security pen testing program
by Dave Shackleford
Learn pen testing best practices and how to build an internal pen testing team.
-
Securing SharePoint: SharePoint security best practices
by Marcia Savage, Editor
SharePoint has become ubiquitous in the enterprise, but organizations can overlook security. Learn SharePoint security best practices in this article.
-
Talk of cyberwarfare threats heats up with Flame malware
by Robert Westervelt, News Director
Experts say malware toolkit isn’t unique, but warn of cyberweapons falling into the wrong hands.
-
How to pen test: Why you need an internal security pen testing program
by Dave Shackleford
-
-
Big data security analytics: Harnessing new tools for better security
by Scott Crawford, Contributor
New techniques are emerging to help organizations analyze security data and improve security defenses.
-
Three steps for securing SharePoint
by Brien M. Posey, Contributor
Restricting user permissions, server hardening and dedicated service accounts are critical.
-
Big data security analytics: Harnessing new tools for better security
by Scott Crawford, Contributor
-
Columns
-
Gary McGraw on mobile security: It’s all about mobile software security
by Gary McGraw, Contributor
Mobile systems have a lot of moving parts, but securing them is as simple as practicing software security.
-
Cyberspace protection requires government collaboration with industry
by Riley Repko, Contributor
Government and private sector collaboration is critical to surviving in cybespace.
-
LinkedIn password leak: Lessons to be learned from LinkedIn breach
by Marcia Savage, Editor
Breach at the professional networking site highlights password practices, storage procedures.
-
Gary McGraw on mobile security: It’s all about mobile software security
by Gary McGraw, Contributor
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...