When Breaches Affect a Lot More than the Victim: How Much Security Is Enough?


Another report of a breach at a technology vendor much of the industry depends upon for security and trust; this time, Verisign. The most immediate concern about this incident was that the attacks in question occurred in 2010, and were not widely known until Reuters discovered the disclosure in the company’s reporting as required to [...]



By | February 3rd, 2012|Security|0 Comments

The Rise of Data-Driven Security, Part 2: Data Sources and Emerging Data Markets


In my last post, the first in this series, I talked about how recent vendor trends highlight the rise of data-driven tactics for defense. This is just one of three major aspects of data-driven security becoming more prominent in products and services. To recap, those three aspects are: Data-driven tactics which differ from legacy security [...]



By | January 14th, 2011|Security|0 Comments

Verizon Publishes its VERIS Community Application


The Verizon RISK team have just published their VERIS community application. Structured on the VERIS (Verizon Enterprise Risk and Incident Sharing) framework, this application is a tool they have made available to extend to anyone the ability to contribute information on data breach incidents, to enrich the already considerable body of breach data Verizon has [...]



By | November 11th, 2010|Security|0 Comments
Load More Posts