@aum007 Wasn't bad. My doppelganger was a fairly responsible person. Didn't open credit cards or bank accounts. Seemed like all she used my card for was to obtain work.
My SSN was stolen and used for years. After a few years of using my SS number and name, the person changed the name with the SS office. Didn't figure any of this out until I went to change my name with the SS office when my kids started kindergarten -- had trouble because I couldn't produce an ID with this person's name. I was annoyed, but impressed with the chutzpah of the person who stole my SS number and then decided to change the name to something she liked better.
Re the govt protecting identities, I actually think the govt does a pretty good job. The govt has an enormous amount of data and when one considers how much data it has, there really have not been very many breaches.
My CyLab report shows that the financial sector is doing the best job, but even they have lots of room for improvement. The energy/utilities and industrials sectors had the lowest rankings in security practices.
I think cybercrime continues to rise and certainly tough economic times make it more tempting. But the economy could fully recover and be going gangbusters and cybercrime would still be high. The bad guys are winning....we need to turn the tide on that.
Re Daniel Brian's question on IPv4 and IPv6....I do not know the answer to that question. I would have to ask some of the researchers and technical people that I work with. Sorry!
Reposting Daniel-Brian's question for Jody because I really want to hear what she has to say on the topic -- What are some specific precautions/best practices do you recommend, the government and really all of us take (before during and after) moving to IPv6 IPv4 dual stack?
Re my study, companies are showing great improvement in organizational activities, such as establishing a board risk committee and cross-organizational teams of senior executives to discuss privacy and security issues. These are very good. They are doing very poorly, however, in assigning key roles and responsibilities, staying abreast of cyber attacks, and reviewing cyber risks to operations.
There are lots of people engaging in cyber attacks, including nation states. I am not going to single out any one country; that would be silly. There are a few countries that appear to be more active than others, but that is just that.....it is possible that an inactive country could be more damaging in one attack. So we can view cybercriminals in categories, such as script kiddies, rogue single actors, organized cyber criminals, terrorists, and nation states, and also, of course, the insider.
Jody, a question regarding your recent study results: Are there any specific practices that US companies are engaging in that are good, should be encouraged?
I am not against cloud services altogether, but I do not think companies are adequately examining the security risks and ensuring that the cloud vendor is providing adequate security and will respond appropriately and swiftly and provide the client with information needed to advance the investigation. Clouds and social media sites have serious security issues. Also see my Forbes blog on Social Media Companies Contribute to Cybercrime.
@Jody - Nowadays, it's very tough to figure out who is behind which cyber attack and where. It's all a massive collaborative effort. So should you want to single out any single Nation (even if it's politically expedient to do so)?
Google did not, as I recall, single out China. They just said they would alert users if they suspected activity was coming from a nation state. It could come from a lot of countries, including some US allies.
Reviewing budgets helps security because the security needs of the organization are tied to budget line items and if senior management is approving them, then they are taking responsibility for adequate security or taking responsibility for not providing funding to achieve it.
Continuous monitoring can be justified and a good idea if the work situation requires it. It is a tool that can very effectively protect business interests. It is also a tool that can be abused, so it should be used within a reasonable context.
A person should not be responsible for several positions. A CIO should not also be a CISO unless they are in a small company and the needs of the organization can be met by one person and that person has both substantial IT and security expertise. CISOs also should not be CPOs, something a lot of companies do, but it creates a segregation of duties issue.
Logs should be stored for as long as necessary to protect operations. It will depend on the type of operations being undertaken. Logs are often archived.
Yes, intelligence agencies are forbidden by US law from spying on US citizens. There are special courts to get permission when necessary to do so that are set up by the Foreign Intelligence Surveillance Act.
There was a question about best practices. At a very basic level, companies should be ensuring they have key personnel assigned, such as CIO, CISO, CPO, and they should review annual budgets, review assessments of security programs, and receive reports on security breaches and incidents and risks the company faces from IT.
What are some specific precautions/best practices do you recommend, the government and really all of us take (before during and after) moving to IPv6 IPv4 dual stack?
Will, InfoWeek: If you could re-post your questions so Jody can see them up top, that'd be great. And anyone else who has questions, please share them now! Aum, lin, kkohli, etc.!
Have to agree, Mark K. Combatting cybercrime is a noble objective, but enterprises can't wait for victory. Like waiting for victory in the war on drugs.
@Nicole - Gmail is different. I don't believe Hotmail or Yahoo put out their mail products with the intention to aggregate/mine the data and extract revenue from it. Also, I don't believe that Hotmail/Yahoo keep every email forever.
Totally agree re Gmail. Never have used this for business. My understanding is that Google never discards an email and they have some incredibly impressive data mining tools created to extract information from aggregated data. Plus I got scared when I read some of the patents that Google put out that talk about mining data from mail.
I have to say, multiple sources in a Times story can't be dismissed so easily. The Times knows the names of the people Sanger spoke to, and the Times editorial staff is not dumb.
Excellent! We'll ask as many of your questions as we can on the air, but in case we don't get to them, she'll answer them here on the chat board after the live audio program.