This article is part of the December 2007/January 2008 issue of Reflections on the impact of Sarbanes-Oxley
Getting the Point by Mark Baard ChoicePoint put data breaches on the front page of The Wall Street Journal, into corporate boardrooms and the consciousness of Americans. ChoicePoint CISO Richard Baich's protestations in 2005 that his company was the victim of fraud, not a hack, sound almost archaic now. "This is not an information security issue," Baich told Information Security shortly after ChoicePoint disclosed 163,000 customer records had been accessed. "My biggest concern is the impact this has on the industry from the standpoint that people are saying ChoicePoint was hacked. No we weren't. This type of fraud happens every day." In fact, the incident underscored the vulnerability of sensitive data to many attack vectors, from classic computer hacks to trusted insiders to thieves like the ChoicePoint fraudsters. They posed as legitimate business customers and set up accounts to obtain the type of information that ChoicePoint typically sold third parties. It's not that ChoicePoint was the first or the worst data breach, but it was spectacular, driving ... Access >>>
Premium Content for Free.
Blow Out the Candles
Information Security magazine turns 10 years old, maturing right alongside the security industry.
Getting the Point | Turning Points | Nefarious Numbers | SOX Appeal | Evolution of a Hacker | Digital Pickpockets | The Toughest Battle: 10 Years, 10 Attacks | We Hardly Knew Ye
A Dynamic Decade | News of the Day | Trustworthy Finally? | Crystal Ball
- Blow Out the Candles
The View from Visionaries | Taking the Services-on-Demand Plunge | Warning Signs | Web of Worry | Attack Toolkits | VoIP Vulnerable
How Sarbanes-Oxley changed the information security profession
Sarbanes-Oxley empowered information security professionals with the clout they'd sought for so long.
More Premium Content Accessible For Free
FTP gets big files to colleagues and clients fast, but as the headlines remind us, the threat of electronic break-ins is real. This guide to secure ...
As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...
This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...