Links of the Week: Data Security Edition

There were some great articles on CIO.com this week relating to Data Security. Here they are plus a selection of the best IT Data Security articles in the last week:

  • Heartland CEO: QSAs Let Us Down
    In the review of what led to the Heartland credit card breach, Heartland’s CEO Robert Carr points to the PCI compliance auditors that passed the company before the breach – “PCI compliance doesn’t mean secure. We and others were declared PCI compliant shortly before the intrusions.”
  • Opinion: Heartland CEO Must Accept Responsiblity
    A counter point to the previous article. Mike Rothman asserts that by attempting to blame the QSAs for the data breach they are learning nothing, and not addressing the root issue – “To be clear, you cannot outsource thinking. You cannot outsource security.”
  • 8 Dirty Secrets of the IT Security Industry
    Are IT Security vendors really interested in improving your network’s security? Joshua Corman from IBM’s Internet Security Systems division details 8 trends in the IT Security market that help undermine a network’s security.
  • Social Engineers’ 9 Favorite Pick-Up Lines
    Social Engineers leverage the trust people have in the familiar to gain access to facilities and networks. These 9 examples illustrate how easy it is for that trust to be abused. How many would you (or your employees fall for)?
  • Hackers have Social Networking sites in their crosshairs
    In a recent study Breach Security, hackers are attacking Social Networking sites with increased frequency, accounting for 19% of online attacks in 2009.
  • Twitter used to control botnet
    It was a matter of time, but Jose Nazario of Arbor Networks discovered a botnet that used Twitter for its command and control infastructure. While the account in question is obviously not a person, how long before a botnet writer creates an account that looks legitimate at first glance?
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *