Salted Hash — IT security news

About this Blog:

IT security news analysis, over easy!

Bill Brenner

SECURITY WISDOM WATCH: Gee Whiz Edition


This month, we look at decisions that defy basic logic.

Thumbs down -- Anonymous: It's admirable that these guys want to stand up for freedom and human rights. Now if someone can explain what hacking a Boston police website and leaking PcAnywhere source code has to do with advancing those goals, we're all ears.

Thumbs down -- Symantec: The anti-malware giant has made some really bone-headed moves this past month, most notably its recent PR misfire over Android malware. One day they emailed us this alarming headline: "Newly Discovered Android Malware Has Infected Millions of Users." Days later, Symantec was forced to retract that statement, admitting the threat was nowhere near that level of drama. The problem with this is that people are less likely to listen to Symantec the day it alerts us to a real threat.

Thumbs down -- Attila Nemeth: The 26-year-old Hungarian citizen was sentenced to 30 months in prison and three years of supervised release after he sent malicious code to Marriott International Corporation, threatening to reveal confidential information taken from the company's computers if Marriott did not offer him a job. Our colleague Michael Cooney summed up this one pretty well with this headline: "How NOT to Get a Job 101."

Thumbs both ways -- RSA Conference 2012: Conference organizers threatened to pull the rug out from under BSidesSF by denying the neighboring event a waiver from its no-compete rules. RSA argued that BSides would hurt attendance on the RSA exhibit floor, even though that didn't happen in the two previous years. After much protest, RSA did the right thing and backed down.

Thumbs down -- VeriSign: The company responsible for delivering people safely to more than half the world's websites (specifically addresses ending in .com, .net and .gov) was hacked repeatedly in 2010 by outsiders who made off with undisclosed information. Instead of releasing a big statement acknowledging the incident and telling people what it was doing to fix the problem, VeriSign quietly buried the news in a quarterly Securities and Exchange Commission (SEC) filing as if it were just another routine matter. The company may have met its requirement to report the breach, but it should have done much, much more to make customers aware.
