News

The personal details of 1.6 million individuals were lost after they were placed on a CD that accidentally got sent to landfill. According to the Information Commissioner’s Office (ICO), Eastern and Coastal Kent Primary Care Trust sent a filing cabinet to landfill that contained a CD which had the address, date of birth, NHS number and GP practice code of approximately 1.6 million individuals. The ICO said that when planning the office move, the security of the CD was considered [...]

All organizations, regardless of size or industry, utilize encryption keys and digital certificates for electronic communications and authentication. SSL certificates and the accompanying encryption keys, for instance, are broadly used to secure systems and data for a wide variety of mission critical applications, including protecting credit card transactions, online banking, healthcare information access, and many others. Encryption has become ubiquitous. Though encryption technologies have a proven track record, organization are hesitant to deploy more of it for fear they’ll be [...]

Almost 90 per cent of businesses have suffered some form of data loss in the past year. A survey of 1,987 European businesses by CA Technologies found that respondents had struggled to deal with IT systems failure, attacks and human error. A total of 88 per cent of respondents suffered application and data loss incidents in the past year, while 63 per cent had experienced an IT systems failure, such as a network, storage or software failure. In the survey, [...]

Venafi developed the Director 6 platform and applied for the patent after recognizing that organizations have little insight into the security assets in their inventories, where they are deployed, by whom they are accessed or how they are managed. Without leveraging best practices and automated management processes across multiple CAs, companies and government agencies cannot gain control of their spiraling key and certificate inventories. Thus they expose themselves to significant, unquantified and unmanaged security, compliance and operational risks, which invariably [...]

The Scottish Children’s Reporter Administration (SCRA) breached the Data Protection Act twice, according to the Information Commissioner’s Office (ICO). In two separate incidents, the SCRA failed to keep sensitive information about the welfare of young people secure when files were sent to the wrong person or were not correctly destroyed. According to the ICO, the first incident occurred in September last year when nine case files were mistakenly left in a filing cabinet which was removed as part of an [...]

Dutch certificate authority (CA) DigiNotar has admitted that its infrastructure was hacked, leading to a fraudulent Google.com SSL certificate being issued. With a valid certificate issued and ‘signed’ by DigiNotar, a browser would not display a warning message when a user visited a website signed with the certificate. A statement by DigiNotar’s parent Vasco said that an intrusion was noted on 19th July, which resulted in the fraudulent issuance of public key certificate requests for a number of domains, including [...]

Cyber crime remains the leading business risk for organisations of all sizes. According to Symantec’s 2011 State of Security survey, this is the second year in a row that cyber security has ranked higher than traditional crime, natural disasters and terrorism. Of the 3,300 C-level professionals from 36 countries surveyed, the majority of respondents suffered damages as a result of cyber attacks, yet more reported a decline in the number and frequency of attacks compared to 2010. Despite there being [...]

Research has found that 99 per cent of enterprise-level networks have a serious gap in their IT security defences. According to FireEye, advanced malware and targeted attacks are easily evading traditional defences, such as firewalls, intrusion prevention systems, anti-virus and web/email gateways. Analysis of malware infections, detected by its Malware Protection System, found that 99 per cent of enterprises have had malicious infections entering the network each week. Also, 80 per cent of the enterprises faced more than a hundred [...]

Nokia took down a developer website after hackers accessed personal details of smartphone application developers. The attack followed a defacement of the site last week, where a hacker named as ‘pr0tect0r AKA mrNRG’ defaced the homepage with a picture of Homer Simpson with the message: “LOL, Worlds number 1 mobile company but not spending a dime for a server security! FFS patch your security holes otherwise you will be just another antisec victim. No Dumping, No Leaking!!” Nokia said that [...]

The Information Commissioner’s Office (ICO) has stressed the importance of data privacy and said that it should be part of the formal education process. Launching a new research project to explore ways of getting information rights issues covered in primary and secondary education systems in the UK, the ICO said that it is vital that young people understand about their privacy rights and how to exercise them. Jonathan Bamford, head of strategic liaison at the ICO, said: “Young people today [...]