Industries — News

Leverage government innovation to reduce identity management risks

Managing consumer or citizen identities comes with two key problems--scale and cost--prompting organizations that require onboarding, authentication, and <a href="http://www.csoonline.com/article/684895/password-management-systems-how-to-compare-and-use-them">password management</a> to look for ways to outsource this effort. Entertainment websites, online retailers, and even US federal government-to-citizen websites are experimenting with a federated model for more of their identity management life cycle. By using single sign-on (SSO) and attribute-sharing between "social" identity providers (IdPs) (i.e. Google and Facebook) and relying parties (RPs), this model effectively reduces cost and improves the customer experience.

Eve Maler | 14 Jul | Read more

Cyberwar and cyber-isolationism

There has been a bit of a splash in the press recently about a mention by former CIA Director Gen. Michael Hayden of the idea of creating new, extra secure internets for government or commerce. Users would have to give up their privacy to use these versions of the Internet, with a requirement for the use of real names and all their traffic subject to deep packet inspection. The vision seems to be that government would use one such network and services such as banking would use another.

Scott Bradner | 13 Jul | Read more

Lulzsec: the rise and fall of a hacking collective

The curtain has fallen on the 50 day performance by hacker group LulzSec. Its campaign of mayhem and destruction, peppered with witty commentary captivated the world. In an alternate universe where Lulzcats reign and anti-security is the norm, it might have even earned a spot on its first target, The X-Factor. But on this earth its members may still be captured by its later targets: the CIA, US law enforcement and the FBI.

Liam Tung | 12 Jul | Read more

Aussie businesses would snub free security audits

Despite the current focus on security stemming from the massive data breaches that resulted from hackers exploiting low- and high-level system vulnerabilities, few businesses in the UK and Australia are interested in auditing systems -- even when they're free.

Liam Tung | 08 Jul | Read more

DHS tests show security's people problem

It was widely reported last week that as part of a study, the U.S. Department of Homeland Security (DHS) randomly dropped USB and optical drives in government and private contractor parking lots -- and more than half of those who picked one up readily plugged it into their work computer.

Lucas Mearian | 07 Jul | Read more

UK health walloped for sick security culture

The UK’s Information Commissioner has ordered the National Health Service to tighten its grip on security, fearing that data protection is a “systemic problem” for its organisations. Five health NHS organisations have signed recent data security undertakings in response to potential privacy breaches this year caused by staff losing patient records, faxing medical reports to the wrong number, and losing laptops.

Liam Tung | 04 Jul | Read more

Arizona State Police Hit with Second Data Dump

Arizona State Police recently fell victim to a <a href="http://www.pcworld.com/businesscenter/article/231067/lulzsec_said_it_leaked_arizona_police_documents.html">second embarrassing data dump</a> that included information stolen from the personal e-mail accounts of 12 Arizona police officers. The stolen data, according to the hackers, includes names, addresses, phone numbers, passwords, Social Security numbers, online dating account info, voicemails, chat logs, internal police reports, and racist chain e-mails. Hackers also say they nabbed the personal data of Stephen Harrison, a spokesman for the Arizona Department of Public Safety.

Ian Paul | 01 Jul | Read more

Researchers Look at New Ways to Keep Your Information Safe

Since 1997 identity theft and fraud has affected more than 5.4 million people in the United States. And that number is on the rise with, more than 1.3 million complaints to the <a href="http://www.ftc.gov/sentinel/">Consumer Sentinel Network</a> (CSN) between January and December of 2009 alone. <a href="http://www.ftc.gov/sentinel/reports/sentinel-annual-reports/sentinel-cy2009.pdf">According to the Federal Trade Commission</a> (PDF), of the 721,418 fraud-related complaints to the CSN in 2009, this has cost customers [of various products and services] more than 1.7 billion dollars at a median payout of $399. But what can companies do to prevent fraud and identity theft?

James Mulroy | 30 Jun | Read more