Singaporeans get hard token baked into credit card

https://regmedia.co.uk/2012/11/07/displaycard.jpg

Two-factor authentication just got a whole lot more convenient for residents of Singapore, after Standard Chartered Bank’s local outfit teamed with MasterCard to offer account-holders a credit card that is also a one-time-password-generating hard token.

MasterCard calls the device a ‘Display Card’ and says it includes “an embedded LCD display and touch-sensitive buttons”.


Original news article at https://news.hitb.org/ on November 08, 2012 at 07:53AM

Coca-Cola Co. Computer Systems Hacked, But Organization Never Publicly Disclosed Loss Of Sensitive Information

FBI officials quietly approached executives at Coca-Cola Co. (KO) on March 15, 2009, with some startling news.

Hackers had broken into the company’s computer systems and were pilfering sensitive files about its attempted $2.4 billion acquisition of China Huiyuan Juice Group (1886), according to three people familiar with the situation and an internal company document detailing the cyber intrusion. The Huiyuan deal, which collapsed three days later, would have been the largest foreign takeover of a Chinese company at the time.


Original news article at https://www.teamshatter.com on November 06, 2012 at 01:53AM

Security Planning Guide for 2013

Our team (specifically Ramon Krikken | Phil Schacter | Eric Maiwald | Dan Blum | Mario de Boer | Anton Chuvakin) has just released an annual security planning guide: “2013 Planning Guide: Security and Risk Management.” Every GTP customer should go and read it! Its abstract states that “The Nexus of Forces brings great opportunities and risks. This Planning Guide provides information security and risk teams with invaluable insights for prioritizing security and risk projects in 2013.”

In the guide, our team tackles the following topics:

Here are a few fun quotes:

  • “Gartner has identified the effects of the Nexus of Forces — information, social, mobile and cloud — as the key macro trends driving IT and information security in 2013.” […] The impetus and nature of these trends are described in more detail in “2013 Professional Effectiveness Planning Guide: Coming to Terms with the Nexus of Forces.”
  • “Building controls that work with a variety of endpoints, cloud services, and hybrid IT means focusing on agile security programs and architecture, which includes monitoring as an important component.” […] “in an increasingly hybrid IT and mobile world, monitoring must see farther beyond the walls, farther above the infrastructure layers and deeper into the application context.”
  • “Other continuing security market drivers are the effects of general volatility on security, a more dangerous threat landscape, complex and evolving regulatory standards of protection, consumerization and mobility, and the ongoing transformative effects of cloud computing.”
  • “Security information and event management (SIEM) solutions are vital as the hub for security monitoring, but other tools such as DLP and database audit and protection (DAP) are needed. Enterprises must prioritize goals and operationalize monitoring to make it effective.”
  • “Implement alert triage and report review processes, and commit people to executing them. Bulk up the gaps with dedicated service providers or tool vendor professional services.”

Finally, I know that some of my esteemed blog readers are upset that I occasionally post links to materials requiring various forms of Gartner subscriptions. Well…mmm…get a subscription already!


Original news article at https://blogs.gartner.com/anton-chuvakin on November 03, 2012 at 12:08AM