This article is part of the December 2007/January 2008 issue of Reflections on the impact of Sarbanes-Oxley
Getting the Point by Mark Baard ChoicePoint put data breaches on the front page of The Wall Street Journal, into corporate boardrooms and the consciousness of Americans. ChoicePoint CISO Richard Baich's protestations in 2005 that his company was the victim of fraud, not a hack, sound almost archaic now. "This is not an information security issue," Baich told Information Security shortly after ChoicePoint disclosed 163,000 customer records had been accessed. "My biggest concern is the impact this has on the industry from the standpoint that people are saying ChoicePoint was hacked. No we weren't. This type of fraud happens every day." In fact, the incident underscored the vulnerability of sensitive data to many attack vectors, from classic computer hacks to trusted insiders to thieves like the ChoicePoint fraudsters. They posed as legitimate business customers and set up accounts to obtain the type of information that ChoicePoint typically sold third parties. It's not that ChoicePoint was the first or the worst data breach, but it was spectacular, driving ... Access >>>
Premium Content for Free.
Blow Out the Candles
Information Security magazine turns 10 years old, maturing right alongside the security industry.
Getting the Point | Turning Points | Nefarious Numbers | SOX Appeal | Evolution of a Hacker | Digital Pickpockets | The Toughest Battle: 10 Years, 10 Attacks | We Hardly Knew Ye
A Dynamic Decade | News of the Day | Trustworthy Finally? | Crystal Ball
- Blow Out the Candles
The View from Visionaries | Taking the Services-on-Demand Plunge | Warning Signs | Web of Worry | Attack Toolkits | VoIP Vulnerable
How Sarbanes-Oxley changed the information security profession
Sarbanes-Oxley empowered information security professionals with the clout they'd sought for so long.
More Premium Content Accessible For Free
Unified threat management (UTM) long focused on small and medium-sized businesses, but now it's climbing the ladder and attempting to become ...
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...