Author Archive

Zurich Insurance hit with $3.5m fine…

August 25, 2010

David Meyer from ZDNet reports that Zurich Insurance was hit with a $3.5m fine by the Financial Services Authority (FSA) in the UK for failing to secure customer data. This comes from an incident when a data tape went missing in transit between processing centers. There was no evidence the data on the tape had been used or exposed, but the lack of process and policy was enough to cause the FSA to step in.

The FSA noted in their statement that:

As there were no proper reporting lines in place Zurich UK did not learn of the incident until a year later

An effective breach of the UK Data Protection Act, according to the Information Commissioner’s Office (ICO).

Speaking at the McAfee Houston Community User Group, September 2nd…

August 10, 2010

I’ll be speaking on Data Protection and Privacy law at the Houston Community Group meeting, amongst other speakers such as Martin Littmann, Director of IT Systems Kelsey-Seybold, and John Schoweiler, Director of Security Opps, US Oncology. If you’d like to attend please contact your McAfee account manager for registration details.

Speaking on “Celebrations”, Seattle on 26th August…

August 4, 2010

No, I’m not talking about weddings or the like; Celebrations is a rather beautiful boat that sails around Lake Washington. McAfee have booked her out for a private tour. Attendance is by registration only, but if you think you might like to come you should approach your McAfee account manager.

Bon Voyage!

Speaking at “The Security Standard Conference”, NY on 13th September

August 4, 2010

For those who follow me around, I’ll be speaking at “The Security Standard” on September 13th 2010. It’s only a short spot but I’ll be introducing some new information about McAfee’s unified DLP solution, and talking briefly about data protection regulations.

Two Gulf States to Ban some BlackBerry Functions…

August 2, 2010

Following on from a failed state-wide “hack” of the BlackBerry system, where the state-controlled telco Etisalat tried to distribute a “performance enhancing patch” to BlackBerry users (which turned out to be a state-controlled back door program), the United Arab Emirates is threatening to block e-mail sending and IM delivery on BlackBerries, and Saudi Arabia is threatening to block BlackBerry-to-BlackBerry IM.

According to BBC News:

Both nations are unhappy that they are unable to monitor such communications via the handsets. This is because the Blackberry handsets automatically send the encrypted data to computer servers outside the two countries.

Details of 100,000,000 Facebook users aggregated for download…

July 28, 2010

This week BBC News posted an interesting story:

Personal details of 100m Facebook users have been harvested and published on the net by a security consultant.

Ron Bowles used a piece of code to scan Facebook profiles, collecting data not hidden by the user’s privacy settings.

Time to panic maybe? Well, not perhaps if you keep reading:

The list, which has been shared as a downloadable file, contains the URL of every searchable Facebook user’s profile, their name and unique ID.

Not perhaps so bad then, given the name and URL of every Facebook user is already available within Facebook itself – I mean if you are searching for someone, you could go to the Facebook page, type their name in, then see a list of people with pictures etc., or you could use this offline data set and just get their URLs and IDs.

I guess it’s useful if you want to translate a Facebook ID into a name, but for me, this is a bit of a blown-out-of-proportion non-event.

Maybe I am missing something?

100,000 Israelis data hacked by Turks via Pizza Hut…

July 22, 2010

Lucian Constantin reported this week that the personal information, including PayPal and credit card details, of around 100,000 Israelis was obtained by Turkish hackers from a number of compromised websites. This came to light when the information of over 32,000 Israeli internet workers, including government employees, appeared in a spreadsheet on a hacking forum.

Later on, the details of another 70,000 were found in a file hacked from Pizza Hut.

Apparently, according to Lucian, many people consider that theft of money from “infidels” is acceptable according to the Quran.

Mexico Passes data-leak prevention law…

July 22, 2010

Effective as of July 6th 2010, the new Ley Federal de Protección de Datos Personales en Posesión de los Particulares, or “Federal Law for Protection of Personal Data held by Private Persons”, enforces obligations of disclosure, and has penalties and fines. Companies must act on requests for information about personal data held, and can deny transfer of data and request deletion.

A great writeup by Roumiana Deltcheva can be found on MessageingArchitects.com, and you can get the full text of the law from the Senado site (though in Spanish of course).

“The Influence Project”…

I came across this interesting project which hopes to measure the level of “influence” people have online – Basically you register, then you try to get as many people as possible to register as well.

Yes, Stephen Colbert’s going to win it for sure 😉

Still, if you want to partake, you could do worse than boost me up the ladder if you find my posts and speaking influential in a positive or negative way – fcinf.com/v/ckvy 🙂

Speaking at HITRUST in Ashburn, VA – 20th July…

For those in the Washington DC area, or those interested in information security and healthcare, I will be speaking alongside Kevin DePeugh (Executive Director, Kaiser Permanente) at the HITRUST conference in Ashburn on the 20th July. You can find out more about the HITRUST initiative from their website, http://www.hitrustalliance.net/