Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Understand the Cost of Cyber Security Crime

HP Report – Cyber Crime Costs Continue to Grow: “Cyber crimes are growing more common, more costly, and taking longer to resolve. Those are among the findings of the fifth annualCost of Cyber Crime Study conducted by the respected Ponemon Institute on behalf of HP Enterprise Security. The 2014 global study of U.S.-based companies, which spanned seven nations, found that over the course of a year the average cost of cyber crime climbed by more than 9% to $12.7 million for companies in the United States, up from 11.6 million in the 2013 study. The average time to resolve a cyber attack is also rising, climbing to 45 days, up from 32 days in 2013.”

Is Your Company Ready for a Big Data Breach?

The Second Annual Study on Data Breach Preparedness – Ponemon Institute© Research Report – Sponsored by Experian® Data Breach Resolution – Independently conducted by Ponemon Institute LLC. Publication Date: September 2014. “Data breaches are increasing in frequency. Forty-three percent of respondents say their companies had a data breach involving the loss or theft of more than 1,000 records, anContinue Reading

Taking Steps to Improve Federal Information Security

Beth Cobert, Deputy Director for Management at the Office of Management and Budget  “In a rapidly changing technological environment, we must have robust procedures, policies, and systems in place to protect our nation’s most sensitive information. Growing cybersecurity threats make it ever more important for the Federal government to maintain comprehensive information security controls to assessContinue Reading

Hackers’ Attack Cracked 10 Companies in Major Assault – NYT

By MATTHEW GOLDSTEIN, NICOLE PERLROTH and DAVID E. SANGER “The huge cyberattack on JPMorgan Chase that touched more than 83 million households and businesses was one of the most serious computer intrusions into an American corporation. But it could have been much worse. Questions over who the hackers are and the approach of their attack concern government and industry officials.Continue Reading

National Cyber Security Awareness Month 2014

DHS: “The Internet is part of everyone’s life, every day. We use the Internet at work, home, for enjoyment, and to connect with those close to us. However, being constantly connected brings increased risk of theft, fraud, and abuse. No country, industry, community, or individual is immune to cyber risks. As a nation, we face constantContinue Reading

JPMorgan Chase Says More Than 76 Million Accounts Compromised in Cyberattack

New York Times: “The breach is among the largest corporate hacks, and the latest revelations vastly dwarf earlier estimates that hackers had gained access to roughly 1 million customer accounts.”

Bourne-Again Shell (Bash) Remote Code Execution Vulnerability

“US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system. The flaw was originally assigned CVE-2014-6271, but it was later discovered that the patch had an issue in the parser and didContinue Reading

Information Sharing Environment: Annual Report to Congress – 2014

“This report is submitted by the Program Manager for the Information Sharing Environment (PM-ISE) on behalf of the President, as required by Section 1016 (h) (2) of the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004, as amended. Accompanying, but distinct from this report, are substantial performance data and links to best practices, lessons learned,Continue Reading

Results of the 2014 Global Privacy Enforcement Network Sweep

“The second Global Privacy Enforcement Network (GPEN) Privacy Sweep demonstrates the ongoing commitment of privacy enforcement authorities to work together to promote privacy protection around the world. Some 26 privacy enforcement authorities in 19 countries participated in the 2014 Sweep, which took place May 12-18. Over the course of the week, participants downloaded 1,211 popular mobile appsContinue Reading

New GAO Reports – Army Corps of Engineers, Bureau of Prisons, CFPB, ID Theft, Oil and Gas Transportation, Affordable Care Act

ARMY CORPS OF ENGINEERS: The Corps Needs to Take Steps to Identify All Projects and Studies Eligible for Deauthorization, GAO-14-699: Published: Aug 21, 2014. Publicly Released: Sep 22, 2014. BUREAU OF PRISONS: Management of New Prison Activations Can Be Improved, GAO-14-709: Published: Aug 22, 2014. Publicly Released: Sep 22, 2014. CONSUMER FINANCIAL PROTECTION BUREAU:Some Privacy and Security Procedures for Data CollectionsContinue Reading

New GAO Reports – Critical Infrastructure Protection, EPA Regs and Electricity

CRITICAL INFRASTRUCTURE PROTECTION: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts, GAO-14-507: Published: Sep 15, 2014. Publicly Released: Sep 15, 2014: “DHS is not positioned to manage an integrated and coordinated government-wide approach for assessments as called for in the NIPP because it does not have sufficient information about the assessment tools andContinue Reading

Cyberthreats in past year impact 93% of financial services organizations

“Cyberattacks targeting financial services firms are on the rise, but are these organizations doing enough to protect business and customer data? According to a Kaspersky Lab and B2B International survey of worldwide IT professionals, 93% of financial services organizations experienced various cyberthreats in the past 12 months. And while cyber-attacks targeting financial services firms are on the rise, nearly oneContinue Reading