Security Stories You May Have Missed
First of all, it's important to point out that we aren't just one news site; we're a family of them. Information Security Media Group (ISMG) debuted roughly four years ago with its first media property, BankInfoSecurity.com. We've since grown to add CUInfoSecurity.com for credit unions, GovInfoSecurity.com for the public sector, and our newest site, the self-explanatory HealthcareInfoSecurity.com. Each of our sites also has an active Careers section showcasing opportunities and insights for information security professionals and leaders.
And yet even though our sites cater to very distinct industry sectors, occasionally stories come along that have mass appeal. Here are some of them.
Even though our sites cater to very distinct industry sectors, occasionally stories come along that have mass appeal. Here are some of them.
Internal Fraud: A Growing, Global Problem
The Association of Certified Fraud Examiners (ACFE) has just released a new study on occupational fraud (read: the insider threat), and the stats are bracing: Roughly 5 percent of an organization's revenue is lost to these fraud incidents, which adds up to a potential total loss of nearly $3 trillion per year.
Check out this story to learn some of the red flags to look for in prospective fraudsters. Also, be sure to listen to Tracy Kitten's interview with the ACFE's John Warren, who offers color commentary on this report.
Specifically from BankInfoSecurity.com, please take note of:
ACH Fraud Sparks Another Suit
In Linda McGlasson's ongoing coverage of fraud incidents involving Automated Clearing House (ACH) payments between businesses and banks, we finding a growing divide over the question of "Who's responsible when a business is fleeced by a fraudulent bank transaction?" In this latest chapter, a Maine business has sued its bank after seeing more than $500,000 siphoned from its account. But the story is much bigger than a single business or bank. It's about what truly is considered "reasonable security?" This is a question you're going to see debated for some time to come across all of our news sites.
From CUInfoSecurity.com, please check out:
Gigi Hyland: 'Challenging' Times for Credit Unions
This is an exclusive interview with the outspoken board member from the National Credit Union Administration (NCUA). A sharp, articulate presidential appointee, Hyland shares her thoughts on the current state of the nation's credit unions, banking regulatory reform, and she even lays out what she sees as the five top information security threats to member institutions.
From the GovInfoSecurity.com side of the house comes some news you might not have heard:
House Adopts Major Cybersecurity Measure
I mean, did you know that when the House last week approved the National Defense Authorization Act - the repeal of the military's 'don't ask, don't tell' policy - that it included a rider that would fast-track federal cybersecurity legislation, including a provision to create a new Office of Cyberspace in the White House and an update of the eight-year-old Federal Information Security Measurement Act (FISMA)? See Eric Chabrow's story for more details.
On HealthcareInfoSecurity.com, Howard Anderson continues to break news about the latest (and scariest) breaches, and this week came news of a biggie:
AvMed Breach Now Affects 1.2 Million
As you may know, healthcare organizations are now required to report - not just to regulators, but to the public - data breaches of significant size (sounds like a monster from William Goldman's "The Princess Bride," no?). Well, AvMed Health Plans is now on record as the largest reported breach, this one resulting from the theft of two laptops - one of which may have included information on more than 1.2 million of its current and former members. Again, see the story for more details, and be sure to check out other healthcare-related data breaches.
Finally, a story from our Careers site:
7 Tips for Social Media Safety
No question, social networking is one of the hottest topics today, not just in information security, but in any private or public sector organization. Everyone wants to learn more about the opportunities - and perils - inherent in Facebook, LinkedIn and Twitter. Upasana Gupta has written several popular pieces on how to use social networking to enhance a career, and in this piece she offers advice on how professionals can help protect their reputations and privacy.