to help enterprise security across Europe
The resource centre for busy senior executives seeking the latest insights into IT Compliance & Privacy issues for major organizations
 
sarbaines oxley ofcom communications regulator
Latest Resources      data protection register
compliance resources privacy resource center

Breaking Global News
Global Compliance and Privacy News
- Breaking News, updated every 30 minutes
•   Compliance, Privacy and Security
•  Money Laundering
•  Phishing
•  Regulatory Issues
•  SOX, Basel 2, MiFID


You Tell Us:
S
S
L

T
E
C
H
N
O
L
O
G
Y
We use SSL Technology for web data entry points:

Always
Sometimes
Never
What is SSL?

News
Are Smartphones Endangering Security? - Wick Hill
Dealing with Internet Security Threats - Ian Kilpatrick
How the New EU Rules on Data Export Affect Companies in and Outside the EU - Thomas Helbing
Farmers' Data Leak Highlights Old Technology Use - Wick Hill
Saving Money with SFTP - Wick Hill
UK Information Commissioner targets firm selling vetting data - Eversheds e80
12 Key Steps to Internet Security - Wick Hill
Telephone Monitoring Legality in the UK - Dechert
Firewall or UTM - Wick Hill
UK Information Commissioner demands mobile device encryption - Eversheds e80
Data loss - liability, reputation and mitigation of risk - Eversheds e80
Phorm, Webwise and OIX - BCS Security Forum
The challenges of PCI DSS compliance - Thales, Russell Fewing
"Quality" Data Vendor Spams us! Editor astounded!
National Gateway Security Survey 2008 - Wick Hill
Unified Threat Management - Watchguard Technologies

news archives
:
0 | 1 | 2 | 3 | 4 | 5 |
6 | 7 | 8 | 9 | 10 | 11 |
12 | 13
[What is this?]

Industry Blogs
Tim Berners Lee's Blog
Tim Callan's SSL Blog
Davis Wright Tremaine's Privacy & Security Law Blog
Emergent Chaos Blog
Michael Farnum's Blog
Phillip Hallam-Baker's Blog - The dotFuture Manifesto: Internet Crime, Web Services, Philosophy
Stuart King's Security and Risk Management Blog
David Lacey's IT Security Blog
Metasploit Official Blog
Jeff Pettorino's Security Convergence Blog
Jeff Richards's Demand Insights Blog
David Rowe's Risk ManagementBlog
Bruce Schneier's Security Blog
Larry Seltzer's Security Weblog
Mike Spinney's Private Communications Blog
Richard Steinnon's Threat Chaos Blog
The TechWeb Blog
Tim Trent's Marketing by Permission Blog
Rebecca Wong 's DP Thinker Blog

Newsletters
23 February Newsletter
Newsletter Archives are located in "News"

Industry Update
Internet Security Intelligence Briefing - November 2005
Find out the latest trends in e-commerce, web usage & the latest threats from adware/Spyware

Reports
Phorm, Webwise and OIX
- BCS Security Forum

'The Any Era has Arrived, and Everyione has Noticed' - Stratton Sclavos - VeriSign
Identity Security - Time to Share
Malicious code threats - iDefense
Public Alerts - updated as they happen from Stopbadware.org
Public Alerts - updated as they happen from Websense
Public Advisories - updated as they happen, from iDefense
Phoraging - Privacy invasion through the Semantic web: a special report by Mike Davies of VeriSign

Legislation
Privacy Laws & Business International E-news, Issue 57
Privacy Laws & Business UNited Kingdom E-news, Issue 60

Security Reviews
February 2007 - VeriSign Security Review
The security review archive is here

Case Studies
Finance Industry
Case Study Example

A case study on a Finance industry company.

White Papers
VeriSign® Intelligent Infrastructure for Security
VeriSign® Intelligent Infrastructure: An Overview
Identity Protection Fraud Detection Service - description of the service
Life of a Threat - Video on Threat Management Lifecycle
Optimizing Enterprise Information Security Compliance - Dealing with all the audits
For a full list of all whitepapers, visit our Whitepaper library

Legal Notices
Privacy Policy
Terms of use

basel 2 sarbanes oxley
    legislation
data controller notification binding corporate rules BCR data transfer third countries third part data transfer basel 2 regualtor regulation regulate FSA banking network security RSA encryptin algorithm Bits sacked bank staff
Blogs compliance Reports compliancy Legislation Data Protection Case Studies data privacy White Papers data protection act News information commissioner Events security standards Links information security iDefense
Retail Solutions

VeirSign Security Reviews

compliance and privacy

Current News Updates

VeriSign Security Review - February 2007

While at RSA, stop by the VeriSign booth #1409 for more on our layered, systematic approach to mitigating threats to user confidence, network security, and growth of the digital economy. The exhibit features our new VeriSign Secure Site Pro with EV SSL Certificates and the VeriSign Identity Protection (VIP) suite of services.  Experts in managed security, PKI, security consulting, and enterprise mobility will also be on hand to demonstrate VeriSign services.

In This Issue:

Hot Topics

Monthly Threat Summary

  • Though Microsoft's latest security bulletin included only three critical vulnerabilities, all of them are in widely used products, and hackers will doubtless launch concerted attempts to exploit them. All VeriSign customers are urged to read Microsoft's bulletins and download patches as appropriate.

News from VeriSign

  • VeriSign Powers NBX Video for Sports Fans
  • Adobe and VeriSign to Transform Distribution of Rich Media Online
  • Open Media Network Selects VeriSign to Bring Full Screen, DVD-Quality Television Programs from the Internet—Right to TV Screens

Security Events

  • February 5 - 9 RSA Conference, San Francisco, CA
  • February 12 – 15 3GSM World Conference, Barcelona, Spain
  • March 19 – 22 TelecomNext, Las Vegas, NV

Hot Topics

Sclavos Makes Security Simple in RSA Keynote

Stratton Sclavos, Chairman and CEO of VeriSign, will give a keynote presentation entitled “Security Made Simple” at the RSA 2007 Conference, which takes place in San Francisco on February 5-9, 2007.

Sclavos' theme is that this is the “Any Era,” when millions of users interact via laptops, PDAs and cell phones anywhere, anytime, across any network. They expect to choose how, when, and where they communicate and conduct commerce. But along with digital freedom comes new security threats. As enterprises rebuild architectures to provide legitimate users with easier, more integrated access to data of all kinds, criminals find new opportunities to attack networks, steal identities, and damage corporate reputations. Now more than ever, organizations need an interdependent approach to identity management as well as expert assistance in enabling and protecting networked interactions.

In his keynote, Sclavos will describe “day in the life” overviews of typical consumers and their everyday needs for digital infrastructure to enable and protect their communications, commerce, content, and information while at the same time making these services simple and secure. He will also describe how VeriSign and others are currently taking Internet security to the next level through Extended Validation (EV) SSL, the biggest advancements to online security in the past 10 years which will benefit consumers and businesses alike.

Although there is no single “magic bullet” to resolve or prevent all digital security problems, a layered, systematic approach is the best protection for an organization. Sclavos will speak briefly about how the VeriSign approach helps protect users, enterprises, and/or networks with a number of key product and service offerings. These include VeriSign Managed Security Services (MSS), which have helped hundreds of the largest organizations in the world reduce security risks to reputation, operations, and compliance through better threat detection, superior analysis, and prioritized response.

Register for the conference .

Attend the following VeriSign presentations while at RSA 2007:

Stratton Sclavos - Security Made Simple ; Feb. 8 at 2:00pm in Hall D

Tim Callan - Maximizing Trust on the Web: New Extended Validation SSL Certificates and Internet Explorer 7 .; Feb. 6 at 1:30pm- 2:40pm

Phillip Hallam-Baker -  Extended Validation: A Renaissance for Digital Certificates? ; Feb. 7 at 10:40am – 11:50am (Rob Franco, Lead Program Manager, Microsoft will also be presenting at this session)

Phillip Hallam-Baker -  Unlinkable Identifiers: Privacy Protection in the Identity 2.0 World ; Feb. 9 at 11:10am – 12:00pm

Troy Kitch - Building Trust with Internet Explorer 7 and Extended Validation SSL ; Feb. 7 at 3:30 – 4:00pm (Markellos Diorinos from Microsoft will also be presenting at this session)

Back to Top

Get the Green Light for Your Online Business

This year, consumers and businesses are going to start looking for a green address bar on every Web site they visit. When sites have Extended Validation (EV) SSL certificates, the Microsoft® Internet Explorer 7 address bar turns green and displays the name of the certificate owner and the verifying Certificate Authority-so it's more important than ever to go with the name customers prefer most. VeriSign is the SSL Certificate provider of choice for more than 93% of the Fortune 500 and the world's 40 largest banks.

The security status bar shows that the transaction is encrypted and the organization has been authenticated according to the most rigorous industry standards. All VeriSign EV SSL Certificates come with EV Upgrader™ (a $300 value), the first-ever technology that automatically enables all visiting Microsoft Windows XP clients to see the green bar on your site. Without EV Upgrader, only Microsoft Windows Vista clients are sure to see the green address bar. (Find out more about SSL Security and Extended Validation. )

Millions of Internet users worldwide still use browsers and operating systems that will not connect at the strongest encryption level available to them unless there is an SGC-enabled certificate on the server. VeriSign SGC-enabled SSL Certificates enable 128- or 256-bit encryption for more than 99.9% of Internet users.

Combine the highest authentication available (EV) with the highest encryption available (SGC) and get VeriSign Secure Site Pro with EV. When you protect your site with Secure Site Pro with EV and display the VeriSign Secured™ Seal , your customers know that their transactions are secure and you are who you say you are.

Back to Top

HSBC to Implement VeriSign Fraud Detection Service to Enhance Customer Protection

HSBC USA Inc., the U.S. banking unit of one of the world's largest financial services companies, and VeriSign announced an agreement for HSBC USA to deploy the VeriSign Identity Protection (VIP) Fraud Detection Service (FDS) to enhance the protection it provides to customers to prevent identity theft and fraud.

“The VeriSign Fraud Detection Service provides additional online authentication and fraud monitoring, which will enhance the measures the bank already employs to safeguard customer information and assets when banking over the Internet,” said Martin Hayes, senior vice president and head of e-business, HSBC USA. “Protecting customers' accounts and identities is of paramount importance.”

VeriSign VIP FDS includes a state-of-the-art risk engine that offers layered, risk-based authentication and fraud prevention capabilities. VeriSign VIP FDS runs behind the scenes, utilizing advanced anomaly detection technology which flags potentially fraudulent activity while continuing to ensure a favorable user experience and timely delivery of services.

Back to Top

Monthly Threat Summary

Though Microsoft's latest security bulletin included only three critical vulnerabilities, all of them are in widely used products, and hackers will doubtless launch concerted attempts to exploit them. All VeriSign customers are urged to read Microsoft's bulletins and download patches as appropriate.

The last few months of 2006 saw a widespread “professionalization” of cyber crime, and this trend is likely to continue. Hackers are creating ever-more-sophisticated phishing tools and virus authors are increasingly employing complex techniques to evade anti-virus software. Unfortunately, it is all too likely that the attacks and techniques launched in 2007 will make much of the cyber crime activity from the past year seem amateurish by comparison.

For example, over the past few weeks, several news articles have reported on a new, extremely sophisticated phishing kit that apparently is gaining widespread popularity in the underground. Rather than generating a new phishing Web site, the “Universal Man-in-the-Middle Phishing Kit” reportedly enables an attacker to establish a conduit between the victim and a legitimate Web site, and use it to steal information transmitted by the victim to the legitimate site. This is a very sophisticated attack technique, but the kit (with a simple, user-friendly interface) makes it available to even relatively unskilled cyber criminals. Perhaps the most worrisome feature of this phishing kit is that it can reportedly be used against any phishing Web site and intercept any sort of sensitive information.

Hackers have also come up with a new technique to make their computer viruses and other malicious code more difficult for anti-virus software to block. The technique, known as “dynamic code obfuscation,” involves automatically altering (“obfuscating”) a malicious code to make it undetectable by anti-virus filters, which look for specific strings of code when deciding what files to block. Two victims of the same code, in other words, would get two different versions of the code, each of them unrecognizable by anti-virus software.

Back to Top

News from VeriSign

VeriSign Powers NBX Video for Sports Fans

NBX, an online sports entertainment company, will use the new VeriSign® Intelligent Content Delivery Network (CDN) to help it deliver high-quality, secure podcasts and videocasts to sports fans via the Internet. 

Read the press release .

VeriSign  and Adobe to Transform Distribution of Rich Media Online

VeriSign and Adobe Systems Incorporated will collaborate on integrating Adobe® Flash technologies with VeriSign's peer assisted content distribution. The combined services will allow companies to deliver customized interactive Flash Video experiences, including movies, TV shows, broadcast media, and  user interface technologies.

Read the press release.

Open Media Network Selects VeriSign to Bring Full Screen, DVD-Quality Television Programs from the Internet—Right to TV Screens

Open Media Network (OMN) has selected VeriSign CDN to enable consumers to watch shows downloaded from omn.org on their television sets. Consumers can watch programs in DVD or HDTV quality on intelligent TVs using set top boxes.

Read the press release .

Back to Top

Security Events

February 5 - 9 RSA Conference, San Francisco, CA

The annual RSA Conference is the leading electronic/data security conference worldwide, and VeriSign is a Platinum sponsor. This year, come hear Stratton Sclavos, Chairman and CEO of VeriSign, give a keynote presentation entitled “ Security Made Simple ,” and check out the session by Tim Callan, VeriSign Director of Product Marketing, on  “ Maximizing Trust on the Web: New Extended Validation SSL Certificates and Internet Explorer 7 .”

February 12 – 15 3GSM World Conference, Barcelona, Spain

The world's largest exhibition for the mobile industry is also a cutting-edge congress featuring the most prominent chief executives representing mobile operators, vendors, and content owners from across the world. Stratton Sclavos, Chairman and CEO of VeriSign, will be participating in two sessions: “Clash of cultures: who wins when entertainment and communications converge?” and “CEO strategies for growth: Can the mobile Web experience be anything but second best?”

March 19 – 22 TelecomNext, Las Vegas, NV

TelecomNEXT, the communications and entertainment industry's collection of cutting-edge products and technologies, provides an exciting preview of the next revolutions in communications and entertainment

Back to Top

 


This site is independent of all its sources
The contents of the site are sourced from across the industry. All copyrights are acknowledged.