Paul J. Fishman

Data Breach: Corporate security at risk

July 8th, 2013

Seems like the Business owners are not much concerned about their data security, they are not making any special efforts to defend systems against hackers. According to a San Diego State MIS professor, five men stealing data from corporate database over a period of seven years were charged by the Justice Department recently.

More than 160 million card numbers had been stolen and hundreds of millions of dollars were inflicted as financial harm to more than a dozen major companies.  No audit of said costs or detailed breakdown was provided. The alleged criminal enterprise was characterized as the largest of its kind to be prosecuted in the United States, by the Justice Department.

To obtain the login credentials and credit card numbers, a variety of hacking techniques were used by the accused, including SQL injection attacks to place malware on networks. To capture credit card transaction data from payment networks they even used network sniffer programs.

U.S. attorney Paul J. Fishman of the District of New Jersey said in a statement. “Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy and our national security. And this case shows, there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day. We cannot be too vigilant and we cannot be too careful.”

Murray Jennex, professor at San Diego State University MIS said despite recent improvements in dealing with SQL injection attacks and other hacking techniques, made after the defendants were engaged in their alleged conspiracy, many companies are still susceptible because they don’t test their systems adequately and they don’t spend enough money on security.”

“We’ve had economic issues so people haven’t put as much money into security as they should,” Jennex said in a phone interview. He further explained that Computer security does not generate revenue at all, so it is not considered as a priority and risk assessment is only as good as the people who conduct them.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta