Banks responsible for hacked customer accounts
A recent ruling by a consumer court in Mumbai, India has held the bank responsible if it has not complied with regulations and the account holder's money is fraudulently transferred.
No Work No pay? Time to change the rules
In an incident that is nearly comical for its type and nature, telecom giant Avaya paid a salary to an employee who never worked. Investigations reveal that it was a simple case of not deleting the name from the payroll file.
Economic Value of a threat
Is it sufficient to just benchmark threats based on CVSS ratings, or do we need to do something more to actually understand the threat better?
Results of Internet Security Survey
The IBM Internet Security Systems X-Force® research and development team has recently issued a white paper on Internet Security threats. Some of the key findings are
Another incident and more questions
Network Solutions had an IT security incident in June this year that compromised more than 573,000 credit and debit cardholders. In what is becoming a very regular post-incident debate, the question being asked is: do certifications such as ISO27001 and PCI really beef up IT security in companies?
Botnets – What you need to know
Botnets are suddenly in the news for all the wrong reasons. What are botnets and why are they in the news?
Employee IT Security behavior turns worse
A new study released by the Ponemon Institute reveals that there is a general lack of awareness and enforcement of computer security policies at many companies. The rate of non-compliant employee behavior appears to be getting worse over time.
Cardinal Rule in IT Security – Remove admin rights for end users
In many organizations, end users are generally found to have administrative privileges over their desktops and laptops. But this could turn out to be one of the most potent IT security risks faced by the organization.
It doesn’t matter where the weakest link is as long as it exists.
Day in and day out we read and hear news about lost and stolen data, virus attacks crippling organizations, unauthorized software that may contain malware, and so on. While it is impossible to eliminate IT risks altogether, certain steps can aid in placing less reliance on persons and processes and more on technology. At the end of the day it is better to push security to end users than to expect compliance.
Increasing threats from Malwares – Controls
Malware is malicious software created with the intention of damaging information processing facilities. It differs from a software error, which may cause the same end result but is not intentional. Malware is written with the specific purpose of causing damage. What are the controls you can use for protection?