recentpopularlog in

jerryking : data_breaches   41

Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core
NOV. 12, 2017 | The New York Times | By SCOTT SHANE, NICOLE PERLROTH and DAVID E. SANGER.

“These leaks have been incredibly damaging to our intelligence and cyber capabilities,” said Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency. “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.”
adversaries  data_breaches  hacking  vulnerabilities  counterintelligence  counterespionage  moles  malware  ransomware  Fedex  Mondelez  Edward_Snowden  security_&_intelligence  Russia  Leon_Panetta  NSA  cyber_security  cyber_warfare  cyberweapons  tools  David_Sanger  SecDef  CIA 
november 2017 by jerryking
SEC Chief Wants Investors to Better Understand Cyberrisk - WSJ
Sept. 5, 2017 | WSJ | By Dave Michaels.

The chairman of the Securities and Exchange Commission said Tuesday that regulators and Wall Street need to do more to educate investors about the serious risks that companies and the financial system face from cyberintrusions.

Jay Clayton, speaking at an event sponsored by New York University’s School of Law, said investors still don’t fully appreciate the threat posed by hackers. “I am not comfortable that the American investing public understands the substantial risk that we face systemically from cyber issues and I would like to see better disclosure around that,” Mr. Clayton said.
SEC  cyber_security  cyberthreats  cyberrisks  risks  hackers  cyberintrusions  regulators  Wall_Street  data_breaches  disclosure  under_appreciated  financial_system 
september 2017 by jerryking
Amy Pascal’s Hollywood Ending, Complete With Comeback Twist - The New York Times
Article on Amy Pascal, former chair of Sony Pictures, and victim of a 2014 cyberattack that ravaged the company (her private emails were stolen, published online and picked apart by the news media)....In February 2015, Sony ousted her — not over the embarrassing emails, although those didn’t help, but because her movie operation had failed to keep pace with an entertainment industry shift toward franchise films. For Ms. Pascal, this was true devastation: She had been publicly classified as outdated, an executive from another era, when stars and stories mattered more than computer-generated visual effects......Ms. Pascal, a 59-year-old woman in an industry rife with sexism and ageism, seems to have emerged stronger and happier, having reinvented herself as a producer through her company, Pascal Pictures. She will deliver three films to three different studios this year, with more than a dozen more movies on the assembly line. .....“Amy has an extremely sharp film mind, but it’s really her passionate advocacy for scripts and for talent that will make her, I believe, one of the best producers this business has ever seen,” said Thomas E. Rothman, who succeeded Ms. Pascal as Sony’s movie chairman.......the transition from studio mogul to producer is one of the most difficult pivots in show business. Producing requires hustle in a way that running a studio does not. Mustering the necessary self-motivation often proves impossible for older studio royals used to waving a scepter. The best producers put their own egos aside and let others shine. Climbing corporate rungs usually requires the opposite tactic.....“It has been a challenge to be patient and allow myself to learn, especially at this ripe age,” she said. “There’s some discomfort in that. Starting over again means you have to shut up and listen. But you don’t want to because you want to show everybody that you know something even when you don’t.”

She continued: “You think you’re making a movie when you’re a studio executive, but you’re not. The bigger the job you have in Hollywood, the less you are actually connected to the creative process. You’re in budget meetings and talking about head count all day. Your life is reactive.”....
“I never forgot that early training,” Ms. Pascal said. “When in doubt, work.”....when she lost the Sony throne, Ms. Pascal dove into producing as a remedy.....she set up a new office within days of her Sony departure and joined Ivan Reitman to remake “Ghostbusters.” It steered her mind away from self-pity, kept her focused on the future and soothed her bruised ego.....learned about ‘plussing’ ....look at something that is pretty good and figure out how to make it even better.”
bouncing_back  Sony  Hollywood  women  packaging  entertainment_industry  midlife  reinvention  producers  films  movies  studios  self-motivation  female_empowerment  adversity  data_breaches  hustle  cyberattacks  hackers  Second_Acts 
july 2017 by jerryking
The Evolution of a Cybersecurity Firm - WSJ
By Cat Zakrzewski
May 16, 2017

......Certainly when someone is working with us today, they’re looking for us to deliver an outcome. They’re not necessarily looking for us to just provide them with a product and move on. That’s a big evolution in our model. We’re helping them manage cybersecurity risk.....It’s a big shift to go from a company that sold several products that each performed a separate security function to one that delivers an architecture designed to help customers drive more-holistic outcomes. In many cases, our customers are now asking us to help them manage and run our products for them so that they can get more value versus doing it themselves.......The problem we see in security is that often companies take the lack of attack on their company as meaning they have a good defense, and as a result do not place enough emphasis on the urgency of patching their systems to prevent future attacks.....[Cybersecurity has] gone from a back-office function to a boardroom-level issue. Now everyone in the C-suite of an organization has at least got some basic understanding of cybersecurity issues.

That’s bringing a whole level of visibility to it that we haven’t had in the past. Boards are worried about brand implications, they’re worried about intellectual property, they’re worried about business operations being interrupted, they’re worried about losing value. .....: I think the biggest mistake technical people can make is leading with the technology in both their explanation as well as in their remedies, leading with a one-size-fits-all problem. I think that’s when people get confused about what we’re trying to do. Then they think, well I can just go buy a widget and technical widgets should solve my technical cybersecurity problem. Cybersecurity is a systemic challenge. There are people issues......One key area is making sure that your partners and vendors are part of your extended, coordinated response, and that comes through clearly understanding what potential scenarios you face and then practicing what to do when an incident occurs.......Cybersecurity has a similar set of challenges, where you constantly are operating and have risks. People can be compromised, you have complex systems. You might make an acquisition where that firm had a breach and you’ve brought that into your organization. Cybersecurity is something you need to think about in a risk-based context and think about it holistically.
CEOs  McAfee  boards_&_directors_&_governance  cyber_security  cyberthreats  outcomes  risk-management  data_breaches  network_risk  threat_intelligence  one-size-fits-all  thinking_holistically  Michael_McDerment  C-suite 
may 2017 by jerryking
Cyber Heroes | Ivey Alumni | Ivey Business School
Craig believes that businesses and individuals, even countries, must accept that we live in an “era of compromise.” “You have to understand that somebody already has your sensitive data, likely a former employee,” he says. “Have you rehearsed roles for when that becomes public? Does the CEO know what she needs to say? Does the IT team know what they need to do? Being prepared with an appropriate response to data loss is a leading practice that helps maintain, or even build, an organization’s reputation.”
alumni  business-continuity  CEOs  contingency_planning  cyber_security  data_breaches  insurance  Ivey  rehearsals  risks  vulnerabilities 
march 2017 by jerryking
Why Putin would be behind the DNC computer hacking - The Globe and Mail
PATRICK MARTIN
The Globe and Mail
Published Saturday, Jul. 30, 2016

U.S. security experts have concluded with near certainty that it was two groups of hackers known in the cyberworld as Fancy Bear and Cozy Bear that penetrated the computer network of the Democratic National Committee several months ago and copied thousands of e-mails and other documents. These hackers, they say, can be traced to two of Russia’s security services: the GRU, run by Russia’s military, and the FSB, the main successor to the notorious KGB.

These operations would not have been conducted without the knowledge of Russian President Vladimir Putin, the one-time head of the FSB.

Such espionage is not totally unexpected, says David Kramer of Washington’s McCain Institute, a security-oriented “do tank” (as opposed to think tank). However, “weaponizing” the operation by releasing many of the documents through the whistle-blower website WikiLeaks, is “unprecedented,” he said.
Russia  U.S.  Donald_Trump  Hillary_Clinton  information_warfare  Vladimir_Putin  Campaign_2016  Patrick_Martin  hacking  data_breaches  cyber_security  hackers  WikiLeaks  security_&_intelligence  FSB  GRU  DNC  espionage 
july 2016 by jerryking
Why Russian hackers would meddle in U.S. politics - The Globe and Mail
DEREK BURNEY AND FEN OSLER HAMPSON
Special to The Globe and Mail
Published Wednesday, Jul. 27, 2016

But this is not just simply a titillating scandal in America’s electoral silly season. It sadly points to a fundamental weakness in the United States’ own cyberstrategy and its inability to deal effectively with autocrats who have outsized, imperial ambitions and terrorists who want to wreak havoc. Cyberattacks are increasingly the cornerstone of Russia’s regional and global military and political security strategy. They offset Moscow’s economic weakness.
Russia  hackers  cyber_security  data_breaches  cyberattacks  DNC  Campaign_2016  security_&_intelligence  autocrats 
july 2016 by jerryking
Why China Hacks - WSJ
By L. GORDON CROVITZ
Updated July 17, 2016

This case suggests a shift in China’s hacking strategy. Beijing has gone from amassing huge amounts of communications to deploying the information for its own ends. Most notably, Mr. Dahlin’s case shows that Beijing has decided it is sometimes even worth disclosing sources and methods. By showing it has access to U.S. documents, Beijing sends the message to other reformers in China that they too can be called in any time and accused of “endangering national security.”
China  hackers  security_&_intelligence  espionage  motivations  cyber_security  data_breaches  endangered 
july 2016 by jerryking
The Chinese Hackers in the Back Office - The New York Times
By NICOLE PERLROTHJUNE 11, 2016
a murky and much hyped emerging industry in selling intelligence about attack groups like the C0d0s0 group. Until recently, companies typically adopted a defensive strategy of trying to make their networks as impermeable as possible in hopes of repelling attacks. Today, so-called threat intelligence providers sell services that promise to go on the offensive. They track hackers, and for annual fees that can climb into the seven figures, they try to spot and thwart attacks before they happen.
China  hackers  cyber_security  data_breaches  pre-emption  security_&_intelligence  threats  offensive_tactics  threat_intelligence  back-office 
june 2016 by jerryking
A Computer Security Start-Up Turns the Tables on Hackers - The New York Times
By NICOLE PERLROTHJUNE 12, 2016
Continue reading the main storyShare This Page
Share
Tweet
Email
More
cyber_security  security_&_intelligence  data_breaches  hackers 
june 2016 by jerryking
Cyber stickups that retail chiefs should have learnt to fear
31 October/1 November 2015 | FT | Philip Delves Broughton

The risks in retail are now of an entirely different nature....
cyber_security  retailers  data_breaches  CEOs  Philip_Delves_Broughton  hackers  risks  Pentagon  lessons_learned 
november 2015 by jerryking
What is the dark web and who uses it? - The Globe and Mail
SERES LU
The Globe and Mail
Published Wednesday, Aug. 19, 2015
data_breaches  dark_web 
august 2015 by jerryking
U.S. Fears Data Stolen by Chinese Hacker Could Identify Spies - The New York Times
By MARK MAZZETTI and DAVID E. SANGER JULY 24, 2015

the hackers — who government officials are now reluctant to say publicly were working for the Chinese government — could still use the vast trove of information to identify American spies by a process of elimination. By combining the stolen data with information they have gathered over time, they said, the hackers can use “big data analytics” to draw conclusions about the identities of operatives....The C.I.A. and other agencies typically post their spies in American embassies, where the officers pose as diplomats working on political affairs, agricultural policy or other issues. The American Embassy in Beijing has long housed one of the largest C.I.A. stations in the world, with intelligence officers gathering information on China’s political maneuvering, economic development and military modernization.

Several current and former officials said that even if the identities of the agency officers were not in the personnel office’s database, Chinese intelligence operatives could run searches through the database on everyone granted visas to work at American diplomatic outposts in China. If any of the names are not found in the stolen files, those individuals could be suspected as spies by a process of elimination.
Chinese  data_breaches  China  hacks  CIA  espionage  security_&_intelligence  cyber_warfare  cyber_security  massive_data_sets  David_Sanger 
july 2015 by jerryking
In the Dark Corners of the Web, a `Spider' Intercepts Hackers
April 22, 2015 | Bloomberg Business| by Edward Robinson

Encircling enterprises with digital force fields to protect against invasion is an outdated strategy, as the intrusions at JPMorgan Chase, Sony, and Target have demonstrated, according to James Chappell, Digital Shadows’ co-founder and chief technology officer. IT systems have simply become too open and diffuse to keep the bad guys out.
“Social media, long supply chains, mobile technology. There is now so much that no longer lives within the castle walls; it lives beyond them,” he says. “You can no longer assume that you’ll never be hacked. You have to assume that you will be.”
Enter the spider, a program of the firm’s own design. Crawling through shadowy corners such as the Deep Web and the Tor network, the program searches 80 million data sources in 26 languages for signs that Digital Shadows’ clients are at risk.
cyberattacks  Digital_Shadows  cyber_security  banks  hackers  malware  United_Kingdom  London  data_breaches  dark_web  pre-emption  network_risk  cyberintrusions  left_of_the_boom 
may 2015 by jerryking
After Data Breaches, Attackers Return for More - The CIO Report - WSJ
April 22, 2015| WSJ | By RACHAEL KING.

Companies often talk about data breaches as if they were discrete events. But, the reality is that once a company is breached and the attackers have been booted off the corporate network, they keep coming back...Attackers typically know what they want from companies, whether that’s credit card data, intellectual property or something else. And if they don’t get it the first time, they come to work the next day and try again, said Mr. Alperovitch.

“They’ve got objectives and goals and they get measured on things, whether it’s a nation-state or a criminal, said Todd Inskeep, global security assessments vice president at Samsung.
CIOs  data_breaches  cyber_security  productivity  measurements  malware 
april 2015 by jerryking
Risky Business: BLG Sees Cyber Risks Underlining Challenges To Canadian Businesses
December 16, 2014

Borden Ladner Gervais Outlines 2015’s Top 10 Business Risks--Borden Ladner Gervais LLP’s predictions for 2015 are decidedly more worrying, as the firm issued a top ten list of business risks. At the top of the list, the firm says, is cybersecurity and the risks businesses face from hackers, data leaks, and social media. Others include risks related to First Nations land claims, anti-corruption enforcement and consumer class actions sparked by an increasing number of product recalls.
cyber_security  data_breaches  risks  cyberrisks  predictions  law_firms  Bay_Street  social_media  resilience  land_claim_settlements  product_recalls  anti-corruption  BLG  class_action_lawsuits 
january 2015 by jerryking
Sony needs to stop playing the victim - The Globe and Mail
MIA PEARSON
Special to The Globe and Mail
Published Thursday, Dec. 25 2014

2014 has us [that]...cyber attacks and hacking scandals are now a fact of life.

According to McAfee Labs 2015 Threat Predictions, cyber attacks will grow in frequency and range in 2015, and some experts believe 2015 could be the year a major company goes out of business because it failed to adequately prepare for a cyber attack.

Indeed, how your brand prepares for this new age of corporate cyber-terrorism could define your business....Sony’s real misstep has less to do with its decision to pull – and then subsequently green light – the movie, and more about their lack of leadership in place to handle this kind of situation. The strategy – or rather, lack thereof – conveyed little confidence or resilience to the public....Sony continues to play the victim card, but executives at the company only have themselves to blame for not clearly communicating the reasons for their decisions to the public and holding strong to that strategy.
crisis  crisis_management  data_breaches  hackers  cyberattacks  cyber_security  victimhood  Sony_Pictures  public_relations  Communicating_&_Connecting  threats  missteps  brands  preparation  frequency_and_severity 
december 2014 by jerryking
Holman Jenkins: Sony vs. North Korea - WSJ
By HOLMAN W. JENKINS, JR.
Dec. 9, 2014

In the cyberwar that’s coming, firewalls and antivirus software won’t be sufficient. Companies need business models that are robust against cyberattack. Sony’s isn’t, quite apart from the usual complaints now pouring forth from employees about poor workaday data security. (Excel files containing salary data apparently weren’t even password-protected.)
North_Korea  Sony  cyber_security  data_breaches  cyber_warfare  cyberattacks 
december 2014 by jerryking
Big Data rewards come with tricky set of risks for companies - The Globe and Mail
SUSAN KRASHINSKY - MARKETING REPORTER
The Globe and Mail
Published Monday, Nov. 03 2014

It was a sign that Loblaw Cos. Ltd. was taking a specific strategy with its loyalty program: telling people who shop at the company’s stores that their purchases would be recorded and tracked, but that they would be offered something of value in return: rewards for buying the things they like best.

In an age of “Big Data,” companies are scrambling to better target their communications with customers. If done right, businesses hope that this will eliminate more of the irrelevant advertising that makes people tune out at best and irritates them at worst.

But it has also thrown the advertising industry into a potentially damaging situation. As more of our behaviour is tracked, both online and off, many consumers are becoming wary about how their information is stored and used. Combine that with repeated instances of massive breaches of data security, and the corporate world faces the threat of losing the trust of consumers altogether....One area where consumer data is particularly important is in mobile advertising, where companies send people real-time offers on their mobile phones. But consumers are cautious. In supermarkets, 66 per cent of Canadians said that offers on their phones would make them uncomfortable.

“The complexity of the context is something that, if a marketer doesn’t feel their way through that, they can misstep,”
massive_data_sets  Loblaws  Susan_Krashinsky  data_breaches  mobile  contextual  advertising  loyalty_management  Aimia  privacy  risks  location_based_services  missteps 
november 2014 by jerryking
The Real Cost of Cyber Attacks -
Feb 16 2012 Emma Johnson - Sponsored Content - The Atlantic Emma Johnson - Sponsored Content - The Atlantic.

The cost of a data breach are alarming - and rising. The Poneman Institute, estimates that on average a data breach in 2010 cost organizations an average of $7.2 million, or $214 per customer record - a $10 per-record jump from 2009. Meanwhile, incidences in which companies experienced breaches for the first time resulted in average costs of a whopping $326 per record in 2010 - up from $228 the prior year.

The breakdown of these costs is also often surprising. While the bulk was attributed to lost business, the Poneman report found that 16 percent is attributed to legal defense and compliance costs. To wit, a report from cyber risk consultant NetDefense found that the average legal defense related to a data breach was $500,000, while the average settlement topped $1 million.
cyber_security  insurance  cyber_warfare  data_breaches  compliance  costs 
february 2012 by jerryking
Executive Learns From Hack - WSJ.com
JUNE 21, 2011 By EVAN RAMSTAD.

• Trust the authorities.
• Stay open and transparent."
• Learn IT and know where vulnerabilities are. "These days, the CEO
should understand the basic structure of hacking even though he cannot
do programming. A CEO has to make tradeoffs and organizational
decisions.
• Create a philosophy that drives IT decisions. "Up to a few years ago,
the hacking route was very simple. But these days, there are so many
holes. Smartphone applications, so many websites … so the CEO has many
decisions to make.
• Reassess plans for products and services. Understand that each
application creates a new route for hacking. The real cost is not the
development cost. It's also the cost of hacking exposure.
Hyundai  South_Korea  blackmail  consumer_finance  IT  lessons_learned  cyber_security  product_development  product_management  hacks  data_breaches  vulnerabilities  new_products  hidden  latent  tradeoffs  CEOs 
june 2011 by jerryking
20 Small Businesses of the Future: Privacy Protection Firm
Nov. 5, 2010 | BusinessWeek |

Privacy Protection Firm
The Idea: Your private info at risk

Stage: The need for data protection and reputation management growing
rapidly

From credit-card numbers to photos from the latest kegger, more private
information is online than ever before. Businesses need to protect that
information, and individuals need to be careful with it. Mike Spinney, a
privacy expert in Townsend, Mass., says states are only now beginning
to pass laws that require companies to have written security plans to
prevent data breach. Beyond data, a cottage industry is developing in
the field of reputation management. "The bad things we do online can be
seen by just about anybody," says Spinney. "The good things you do
online can be your social media résumé, as it were. But you don't want
an impertinent comment on Facebook to be the difference between landing,
or not landing, a job."
cottage_industries  privacy  small_business  future  private_information  reputation  reputation_management  data_breaches 
november 2010 by jerryking

Copy this bookmark:





to read