My SSN was stolen and used for years. After a few years of using my SS number and name, the person changed the name with the SS office. Didn't figure any of this out until I went to change my name with the SS office when my kids started kindergarten -- had trouble because I couldn't produce an ID with this person's name. I was annoyed, but impressed with the chutzpah of the person who stole my SS number and then decided to change the name to something she liked better.
Re the govt protecting identities, I actually think the govt does a pretty good job. The govt has an enormous amount of data and when one considers how much data it has, there really have not been very many breaches.
My CyLab report shows that the financial sector is doing the best job, but even they have lots of room for improvement. The energy/utilities and industrials sectors had the lowest rankings in security practices.
I think cybercrime continues to rise and certainly tough economic times make it more tempting. But the economy could fully recover and be going gangbusters and cybercrime would still be high. The bad guys are winning... we need to turn the tide on that.
Reposting Daniel-Brian's question for Jody because I really want to hear what she has to say on the topic -- What are some specific precautions/best practices you recommend the government, and really all of us, take (before, during, and after) moving to IPv6/IPv4 dual stack?
Re my study, companies are showing great improvement in organizational activities, such as establishing a board risk committee and cross-organizational teams of senior executives to discuss privacy and security issues. These are very good. They are doing very poorly, however, in assigning key roles and responsibilities, staying abreast of cyber attacks, and reviewing cyber risks to operations.
There are lots of people engaging in cyber attacks, including nation states. I am not going to single out any one country; that would be silly. There are a few countries that appear to be more active than others, but that is just that... it is possible that an inactive country could be more damaging in one attack. So we can view cybercriminals in categories, such as script kiddies, rogue single actors, organized cyber criminals, terrorists, and nation states, and also, of course, the insider.
I am not against cloud services altogether, but I do not think companies are adequately examining the security risks and ensuring that the cloud vendor is providing adequate security and will respond appropriately and swiftly and provide the client with information needed to advance the investigation. Clouds and social media sites have serious security issues. Also see my Forbes blog on "Social Media Companies Contribute to Cybercrime."
@Jody - Nowadays, it's very tough to figure out who is behind which cyber attack and where. It's all a massive collaborative effort. So should you want to single out any single nation (even if it's politically expedient to do so)?
Google did not, as I recall, single out China. They just said they would alert users if they suspected activity was coming from a nation state. It could come from a lot of countries, including some US allies.
Reviewing budgets helps security because the security needs of the organization are tied to budget line items and if senior management is approving them, then they are taking responsibility for adequate security or taking responsibility for not providing funding to achieve it.
Continuous monitoring can be justified and a good idea if the work situation requires it. It is a tool that can very effectively protect business interests. It is also a tool that can be abused, so it should be used within a reasonable context.
A person should not be responsible for several positions. A CIO should not also be a CISO unless they are in a small company and the needs of the organization can be met by one person and that person has both substantial IT and security expertise. CISOs also should not be CPOs, something a lot of companies do, but it creates a segregation of duties issue.
Yes, intelligence agencies are forbidden by US law from spying on US citizens. There are special courts to get permission when necessary to do so that are set up by the Foreign Intelligence Surveillance Act.
There was a question about best practices. At a very basic level, companies should be ensuring they have key personnel assigned, such as CIO, CISO, CPO, and they should review annual budgets, review assessments of security programs, and receive reports on security breaches and incidents and risks the company faces from IT.
@Nicole - Gmail is different. I don't believe Hotmail or Yahoo put out their mail products with the intention to aggregate/mine the data and extract revenue from it. Also, I don't believe that Hotmail/Yahoo keep every email forever.
Totally agree re Gmail. Never have used this for business. My understanding is that Google never discards an email and they have some incredibly impressive data mining tools created to extract information from aggregated data. Plus I got scared when I read some of the patents that Google put out that talk about mining data from mail.