Comments on: Data thieves use simple hacks, go undetected for months http://lastwatchdog.com/data-thieves-simple-hacks-undetected-months/ on Internet security by Byron Acohido Fri, 03 Feb 2012 18:38:32 +0000 hourly 1 http://wordpress.org/?v=3.0.4 By: Matt Hines http://lastwatchdog.com/data-thieves-simple-hacks-undetected-months/#comment-845 Matt Hines Wed, 14 Oct 2009 14:10:17 +0000 http://lastwatchdog.com/?p=3093#comment-845 It seems that the sheer ubiquity of complex targeted attacks and the recognition of the widespread availibility of assailable vulnerabilities (including via regulatory activity) is finally pushing companies and government organizations to get proactive with IT security. Unfortunately in the business world there has been a longstanding resistence to investment in vulnerability management and self assessment initiatives as it's hard to sell execs on the ROI of processes that aim to prevent something that hasn't happened yet. Great piece as always Byron. Matt Hines Core Security Technologies It seems that the sheer ubiquity of complex targeted attacks and the recognition of the widespread availibility of assailable vulnerabilities (including via regulatory activity) is finally pushing companies and government organizations to get proactive with IT security.

Unfortunately in the business world there has been a longstanding resistence to investment in vulnerability management and self assessment initiatives as it’s hard to sell execs on the ROI of processes that aim to prevent something that hasn’t happened yet.

Great piece as always Byron.

Matt Hines
Core Security Technologies

]]> By: Gary Palgon http://lastwatchdog.com/data-thieves-simple-hacks-undetected-months/#comment-844 Gary Palgon Mon, 12 Oct 2009 20:32:15 +0000 http://lastwatchdog.com/?p=3093#comment-844 You're exactly right Byron. And the sad fact is that the bad guys often make a small investment and yield a big (until caught). Your examples also point to a gap in the PCI standard regarding the internal movement of data, where there's not a requirement to encrypt it - yet. And while credit cards are often the focus of companies, so much other personally identifiable information (PII) exists out there and are being breached as well. Gary Palgon VP Product Management nuBridges, Inc. You’re exactly right Byron. And the sad fact is that the bad guys often make a small investment and yield a big (until caught). Your examples also point to a gap in the PCI standard regarding the internal movement of data, where there’s not a requirement to encrypt it – yet. And while credit cards are often the focus of companies, so much other personally identifiable information (PII) exists out there and are being breached as well.

Gary Palgon
VP Product Management
nuBridges, Inc.

]]> By: Bob Pollock, CEO http://lastwatchdog.com/data-thieves-simple-hacks-undetected-months/#comment-835 Bob Pollock, CEO Sun, 11 Oct 2009 16:05:28 +0000 http://lastwatchdog.com/?p=3093#comment-835 Byron: Your going to blow your " SCOOP" if you continue to procrastinate! .Please contact me...... BobP/CEO Byron: Your going to blow your ” SCOOP” if you continue to procrastinate! .Please contact me……
BobP/CEO

]]> By: Bob Pollock, CEO http://lastwatchdog.com/data-thieves-simple-hacks-undetected-months/#comment-834 Bob Pollock, CEO Sun, 11 Oct 2009 16:01:50 +0000 http://lastwatchdog.com/?p=3093#comment-834 Don Debolt: We do Prevent Net breaches and we soon will launch the company. Unlike the 30 year track record of the S/W industry and no science, we are 100% Science backed and we have many satisfied clients including the Canadian Govt. Dept of Public Safety,(DHS) and the US AF & Navy, and commercial clients too. Almost ready to launch, so for an advanced briefing, please email me directly: continuump@gmail.com BobP/CEO Don Debolt: We do Prevent Net breaches and we soon will launch the company. Unlike the 30 year track record of the S/W industry and no science, we are 100% Science backed and we have many satisfied clients including the Canadian Govt. Dept of Public Safety,(DHS) and the US AF & Navy, and commercial clients too. Almost ready to launch, so for an advanced briefing, please email me directly: continuump@gmail.com
BobP/CEO

]]> By: Don DeBolt http://lastwatchdog.com/data-thieves-simple-hacks-undetected-months/#comment-817 Don DeBolt Fri, 09 Oct 2009 19:36:36 +0000 http://lastwatchdog.com/?p=3093#comment-817 The "Bad Actor" has the advantage as they only need one opening to establish a foothold within a given company. The actors are professional, efficient, and motivated. They are leveraging the Internet to deliver Malware payloads that enable many of these attacks. Corporations must work to reduce complexity and gain greater control of their IT environments. This of course means that restrictions must be put in place on users and technologies to limit exposure. Don DeBolt Director of Threat Research CA-ISBU The “Bad Actor” has the advantage as they only need one opening to establish a foothold within a given company. The actors are professional, efficient, and motivated. They are leveraging the Internet to deliver Malware payloads that enable many of these attacks. Corporations must work to reduce complexity and gain greater control of their IT environments. This of course means that restrictions must be put in place on users and technologies to limit exposure.

Don DeBolt
Director of Threat Research
CA-ISBU

]]>