The press release informing the media that eBay customers will be asked to change their passwords as a result of a 'cyberattack that compromised a database' isn't so much about the lost passwords, which admittedly were encrypted. It's about the psychology of announcing to 233 million people that their personal information is now in the hands of criminals, and doing so nonchalantly.
There's a new security vulnerability in town. It's not even that new, we just didn't know about it until now. But it's a whopper and it threatens to impact everyone. If you've ever seen the little lock on your Web browser or read the words SSL or TLS, then you know that mechanisms are in place to secure our Internet existence. Well, our (false) sense of security has now been shattered by the discovery of a programming error in the Web's most popular encryption software,OpenSSL, that can cause security certificates, emails, passwords, transactions and sensitive data to fall into the wrong hands. How about them apples?
Security is about risk. And risk is about numbers. Given the high probability of suffering data security and privacy breaches, is it any wonder companies are trying to discover security vulnerabilities before they turn into embarrassing breaches?
Independent security audits provide visibility into the risk. By taking the opportunity to fix problems before they get expensive, smart companies gain security assurance and achieve compliance with privacy legislation. Risk assessments of this nature are by far the most popular service we deliver, so we know something about what drives those purchasing decisions. And today is as good a day as any to share the numbers.
First, the robots. They're cute. they're animated. And you can replay the clip as many times as you want, for free. As for the cyberfraud bit, that's a different story. In years past, I published lists of predictions for the new year, chronicled notable events and published timely stories. This time I just have 3 quick points to share and you can return to planning the festivities...
In a recent press release we echoed the Privacy Commissioner's concerns over growing numbers of data breaches occurring in 10 government agencies. Over 3000 inadequately reported data breaches took place at the Canadian Revenue Agency, Fisheries and Oceans, Public Safety, Employment and Social Development Canada, Justice Canada, Citizenship and Immigration, Passport Canada, the Correctional Service, the RCMP, the Parole Board and Veterans Affairs. Here are 5 best practices that represent a win-win for businesses, government agencies and the public.
Informatica reserves all rights to its proprietary content. FlexProtect, FlexSecure and WorkLife are tradenames and service marks of Informatica Corporation.