|Compliance and Privacy News|
If you’ve been watching the news lately then this week’s articles will hardly be a surprise. Finally the Government has recognized that "cybercrime" is a real threat to e-commerce and has announced a new initiative to address it. But, as our article makes clear, it’s hardly been welcomed by security professionals. Meanwhile, in the US they have belatedly acknowledged that the greatest threat to security is from staff. So now a new "blacklist" of staff sacked for security breaches is being developed – we ask if it ‘it’s likely to be replicated in the UK.And if you are involved at all with security, you’ll want to take part in the iDefense webcast on Thursday morning.
We welcome your comments and views – why not post your views on these articles on our website today via our new Discussion Groups? The link is at the bottom of this email.
P.S. Don't forget to take part in our poll at www.complianceandprivacy.com
Please join VeriSign iDefense for a WebCast presentation entitled "Targeted Malicious Code Attacks" on Thursday, Nov. 3, 2005 at 7pm GMT. (That's 2pm EST, 8pm CET)
Recent news stories about a report from the UK National Infrastructure Security Coordination Centre (NISCC), followed by a similar but separate CERT advisory, have generated much concern about targeted cyber attacks, including the likelihood and potential impact of such attacks. It is the purpose of this report to provide an overview, select examples, exploits and code, the likelihood and impact, and mitigation measures of targeted malicious code attacks.
For some time now, security experts have begged the U.K. Government to tackle the problem of hacking and zombie networks by targeting ISPs who let malware through their networks and onto end users' computers. With the launch of the Get Safe Online campaign last week as a joint initiative between the U.K. Government, the National Hi-Tech Crime Unit and private sector sponsors those demands are being made with even greater urgency. Now experts are criticizing the campaign for failing to confront ISPs over the problem of malware.
Blacklist of 'risky' bank staff Major US Banks are looking at a new defence against insider fraud: a database of employees who are known to have compromised security. Banks and similar organisations already run reference and background checks on new employees but an extra security measure is needed according to Bits, a consortium of 100 of the largest US financial institutions. The new database, announced last week, will list information on employees at financial institutions who were fired because they compromised customer data or knowingly caused financial losses, the group said.
Last week, VeriSign announced the acquisition of Retail Solutions, Inc. (RSI), a leading provider of operational point-of-sale (POS) data to the retail industry.
The addition of RSI’s customers and core technology to VeriSign’s Intelligent Supply Chain Services platform extends the growing role VeriSign’s scalable, secure infrastructure is playing in the $8 trillion worldwide supply chain. Operational POS data provides detailed information about the volume and value of product sales through retailers, and is increasingly being combined with other "demand data" and new technologies such as RFID to increase sales and reduce costs, benefiting both retailers and their suppliers.
Readers should note that references to VeriSign's sponsorship are historical. That sponsorship ended on 28 February 2007, and is simply included here for context and historical purposes. VeriSign is not formally associated with this site in any manner, and has asked us to emphasise this point.