Editor's News

Fewer than a quarter of senior business leaders reckon that they are equipped to deal with a breach, despite nearly half of organisations experiencing a loss in the past two years. The survey of 341 senior business leaders by the Economist Intelligence Unit (EIU), 41 per cent of who were c-level executives or board members, found that 57 per cent have not been trained on the correct actions to take after information has been lost....

The Jericho Forum has announced a “sundown” after ten years of developing ideas and concepts on the future of security. At the Open Group conference in central London, original board member and co-founder Paul Simmonds announced that the think tank was coming to an end. He said: “Ten years ago the Jericho Forum's mission was to put de-perimeterisation on the map of business security challenges, because it wasn't being done in any other security group....

The European Parliament has voted in favour of the new Data Protection Directive, with approval for fines to be raised from two to five per cent of global turnover. In an email sent to IT Security Guru, Unilever global privacy officer Steve Wright said that the main pillars of the draft are being supported by the EU, and the regulation is also moving to the proposed “one-stop-shop” of a single regime. Wright said: “These new...

Three police departments were recently attacked in three different nations. According to BBC news, the police and reserve bank of Australia were hacked following a rise in diplomatic tensions over alleged spying by the Australian government on Jakarta officials. Reports of the spying allegations came out in Australian media from documents leaked by whistleblower Edward Snowden, which revealed that Australian spy agencies named Indonesian President Susilo Bambang Yudhoyono, the first lady, the vice-president and other senior...

Google has announced plans to expand its distributed denial-of-service (DDoS) mitigation capabilities to become a specialised website protection service. Named Project Shield, it is a combination of Google's own DDoS mitigation capabilities and Page Speed Service to allow individuals and organisations to better protect their websites by serving their content through Google's own infrastructure, without having to move their hosting locations. It is currently free and open as an invite-only service. Google claimed that Project Shield...

The Ministry of Justice has been fined £140,000 after the details of all prisoners serving at HMP Cardiff were emailed to three of the inmates’ families. The breach was discovered when one of the recipients contacted the prison on 2nd August 2011 to report that they had received an email from the prison clerk about an upcoming visit, which included a file containing the inmates’ details. The file included a spreadsheet containing sensitive information including...

Today is the first awareness day for distributed denial-of-service (DDoS) attacks, aimed at raising awareness of the brutality of the vector and potential mitigation strategies. Hosted by a number of companies including Neustar and Arbor Networks, the all-day online event will bring together industry and government experts to raise awareness around the growing threat. In the same week as Google announced the launch of Project Shield, Neustar head of security services Susan Warner, told IT Security...

Having a “data-centric” policy may sound like a sensible option, but according to one chief security officer most businesses have no clue. Speaking to IT Security Guru, Sol Cates, CSO at Vormetric said that while the concept of encryption and encrypting data is great, all it does is stop the person running an infrastructure from seeing the information. “Our research found that 73 per cent of respondents said that they had no way of protecting...

PHP.net had a bad day yesterday, when its website was flagged by Google as hosting malware. At first it was suspected that it was a false positive, but further analysis by the web scripting website found that two servers had been hacked and set up to serve malware. According to PHP.net, its team have audited every server operated by php.net and the servers which hostedwww.php.net, static.php.net and git.php.net domains were found to be compromised. It...

It's been a few months since we heard from NSA whistleblower Edward Snowden, but the former contractor broke his silence via a statement read at the “Stop Watching Us” Rally in Washington, DC. Read by Justice Department whistle blower and attorney with the Government Accountability Project, Jesselyn Radack and published here, Snowden claimed that what we had learned in the last four months was that “no telephone in America makes a call without leaving a record with the...