Author Archive

European Commission requests the UK to strengthen Data Protection Regulation…

June 28, 2010

This week the European Commission requested that the UK strengthen its data protection legislation to align with the EU Data Protection Directive. The Commission claimed that the UK regulations offered less protection than those required under EU rules; the UK has two months to consider the opinion and respond with measures to bring them into line.

The EU highlighted the following points:

1. The ICO cannot monitor third-party country data protection rules – assessments which should come before international transfer of personal information.

2. The ICO can neither perform random checks on people using or processing personal data, nor enforce penalties following the checks.

The full writeup can be found on the Europe EU Law press release page.

“And The Audience Says…” – Feedback from the Amsterdam Executive Summit

June 25, 2010

Last month I was invited to speak at our Executive Summit in Amsterdam, where 100 or so CIOs, CEOs and other executives from the Benelux area came to hear what McAfee was up to, and tell us where we were going right (and wrong).

Not content with talking at them for the day, we plied them with good wine, crispy bread and sandwiches whose equal you could never find in Subway or Quiznos. We also gave out some homework, asking participants to complete a survey of their security concerns, which came back with some interesting results: Read more…

4 Mechanical ways to destroy your data..

I found this funny and practical report by BBC News’ Rob Freeman on their Click Program.

Good watching if you’re in doubt as to how to dispose of those pesky old hard disks…

Speaking at the ISMS Forum Spain re Innovation..

A reminder for my European contacts that I’ll be speaking at ISMS Spain in Madrid next week on the 25th May. The topic is “The role of CTO’s in Innovation”, and it promises to be a lively discussion. Joining me will be Mark Bregman, CIO Symantec, Nikolay Grebennikov, CTO, Kaspersky Lab, and Juan Miguel Velasco, Ass Dir of Security Services at Telefonica.

Countrywide additional $600m class action..

Following on from the recent $20m class action suit against Countrywide Financial, they and their owners, Bank of America, just got slammed with an additional $600m class action suit regarding improper practices.

Luckily, not related to any data breaches though.

New China encryption rules won’t pose headaches for U.S. Vendors?

This week, Jaikumar Vijayan at Computerworld posted an interesting article about new Chinese rules designed to control the import of non-domestic encryption products.

Many people have inferred that these new rules will mean products imported into China will be somehow compromised, or unsafe, because their details will have been released to the Chinese Government.

Nothing could be further from the truth. Read more…

Data Protection Projects – Where to start?

April 28, 2010

One common question I get asked when I speak on Data Protection is “what do I do first?” It’s an interesting topic because, although my presentation is exactly about what most people should do, and in what order, everyone and every organization is different and one size absolutely does not fit all.

In my presentation I talk about “5 Steps to Data Protection Nirvana”: Read more…

Copiers give up secrets…

April 28, 2010

This interesting report by CBS News highlights the problem of not paying attention to how data leaks occur. CBS News worked with a small company that specializes in Digital Copier Security to show how easy it was to obtain sensitive data.

By simply going to a used copier supplier and buying 4 random machines at a cost of around $300 each (without knowing who their previous owners were), they were, within an hour, able to retrieve thousands of page prints of sensitive data including: Read more…

I got a virus in my email? Me?!?…

April 27, 2010

Today I received a very pleasant email from the “Student Support Center” of, I guess, Hotmail? It seems I got a virus in my Helpdesk.edu account (funny, I don’t remember signing up for it, but hey, I must have, eh?).

If I respond to them with my user name and password, they will fix it for me. Thankfully, the password will be encrypted somehow magically when I reply to them.

Now, if I could only work out what my user name is…

Countrywide Financial’s Data Loss leads to $20m class action suit…

April 14, 2010

Following on from the Countrywide Financial data breach back in 2008, they now find themselves saddled with a class action lawsuit for $20,000,000.

Countrywide Financial’s problems all started when employee Rene Rebollo confessed to downloading 20,000 data files per week and selling them to Wahid Siddiqi for as much as $70,000 (a total of 2.2 million people’s information was compromised). This led to Bank of America (their new owners) paying $350,000 to Connecticut to settle claims.

The terms of the class action can be found on http://www.cwdataclaims.com, but they include up to $50,000 reimbursement per incident of identity theft from a fund of $5,000,000, free credit monitoring, $90 for opening a new account, $20 per month, up to $200 for credit monitoring, $10 per hour for telephone calls etc., and many other miscellaneous things.