InfoSecWriters.com - Red Tape http://www.infosecwriters.com/articles/red-tape en Information Security Management Systems http://www.infosecwriters.com/articles/2017/06/06/information-security-management-systems <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/elephant.jpg?itok=g3MAbEFJ"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/elephant.jpg?itok=g3MAbEFJ" width="700" height="420" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by Dietrich Lehr</p> <p>Information has always been a vital part of any business. Today, information is shared globally in an instant and able to be accessed remotely. This has brought about the need for a method of ensuring that this information can be protected securely and unauthorized access and data loss is mitigated. There are several organizations in existence today that have sought to create a set of universal standards that can be tailored and applied to a company, regardless of size, in pursuit of information security. This paper will examine the International Organization for Standardization 27001 standard that exist today to assist companies in creating their own information security management systems. I will also examine digital commercial solutions that are designed to accelerate and automate the implementation of information security management systems used to secure information assets in the workplace.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/DLehr_ISMS.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--2" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Information Security Management Systems 1/5</option><option value="40">Give Information Security Management Systems 2/5</option><option value="60">Give Information Security Management Systems 3/5</option><option value="80">Give Information Security Management Systems 4/5</option><option value="100" selected="selected">Give Information Security Management Systems 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="average-rating">Average: <span >5</span></span> <span class="total-votes">(<span >2</span> votes)</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-nuDCR_wl29EblRqkYehpC5rloZahurlSmhv445XcraQ" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Tue, 06 Jun 2017 16:03:30 +0000 manager 470 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2017/06/06/information-security-management-systems#comments Privacy Concerns in Modern America http://www.infosecwriters.com/articles/2017/05/05/privacy-concerns-modern-america <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/privacy.jpg?itok=F6efbg0Q"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/privacy.jpg?itok=F6efbg0Q" width="429" height="311" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by Reverend Jerry L Cason Jr.</p> <p>The fourth amendment to the constitution promised the right to privacy for every American citizen. Protections were put in place to help ensure these rights wouldn’t be violated. For instance, the United States government needs probable cause and a warrant to search things like our homes and person. When it comes to the Internet and technology, these types of protections don’t seem to exist. For years the government has been fighting hard to strip the privacy of American citizens online. The legality of these programs has appeared to be of no concern to the government which has been caught time and again attempting to hide these tactics from the American populace.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/JCason_Privacy.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--2" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--4" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Privacy Concerns in Modern America 1/5</option><option value="40">Give Privacy Concerns in Modern America 2/5</option><option value="60">Give Privacy Concerns in Modern America 3/5</option><option value="80">Give Privacy Concerns in Modern America 4/5</option><option value="100">Give Privacy Concerns in Modern America 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--2" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-11NelySiu9nPzZQt0p4RST_g63x8-J8eJHjnPY90Veo" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Fri, 05 May 2017 13:02:04 +0000 manager 465 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2017/05/05/privacy-concerns-modern-america#comments Best Practices for Implementing Access Control Systems http://www.infosecwriters.com/articles/2017/04/28/best-practices-implementing-access-control-systems <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/safe.jpg?itok=huMnm_uA"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/safe.jpg?itok=huMnm_uA" width="232" height="290" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by Isaac McGuire</p> <p>As a network administrator or information security specialist, you might find yourself wondering if your network is safe. You are constantly asking yourself, “What can I do to ensure that the data on my network is protected?” One of the ways to protect your network is what I would like to talk about and that method is through access control systems. In this paper, I am going to cover what access control is. I am also going to talk about the two different types of access control, physical and logical, and some of the methods of both. Next, and the main point, I would like to talk about the security best practices for implementing access control systems. Access control systems are powerful security tools that can help you protect the data on your network.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/IMcGuire_AC.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--3" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--6" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Best Practices for Implementing Access Control Systems 1/5</option><option value="40">Give Best Practices for Implementing Access Control Systems 2/5</option><option value="60">Give Best Practices for Implementing Access Control Systems 3/5</option><option value="80">Give Best Practices for Implementing Access Control Systems 4/5</option><option value="100">Give Best Practices for Implementing Access Control Systems 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--3" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-bJN4qGoHtvk6IdyNjkwrieRphbLwLfd4rIYlyyNuLlA" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Fri, 28 Apr 2017 18:07:11 +0000 manager 462 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2017/04/28/best-practices-implementing-access-control-systems#comments PCI and Why it is Important http://www.infosecwriters.com/articles/2017/03/02/pci-and-why-it-important <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/credit-cards.jpg?itok=rNqjlwxn"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/credit-cards.jpg?itok=rNqjlwxn" width="700" height="438" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by Michael Mozingo</p> <p>Millions of credit and debit card transactions are completed daily. Credit and debit card usage is steadily increasing, and with it, so is the treat of fraud. With the increase of payment card fraud, it is important for the merchants who accept these types of payments to have a common standard in place to provide security in keeping card holder information safe. This is where the Payment Card Industry, Payment Card Industry Security Standards Council (PCI SSC) and the Payment Card Industry Data Security Standards (PCI DSS) come into play.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/MMozingo_PCI.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--4" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--8" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give PCI and Why it is Important 1/5</option><option value="40">Give PCI and Why it is Important 2/5</option><option value="60">Give PCI and Why it is Important 3/5</option><option value="80">Give PCI and Why it is Important 4/5</option><option value="100">Give PCI and Why it is Important 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--4" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-Fb_LclYe5r-af92QHnBOHjwE_mSZzqnt999B7wRAO9w" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Thu, 02 Mar 2017 14:24:53 +0000 manager 447 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2017/03/02/pci-and-why-it-important#comments Risk Management for Healthcare Systems http://www.infosecwriters.com/articles/2016/08/09/risk-management-healthcare-systems <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/health.jpg?itok=3kLGpzr5"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/health.jpg?itok=3kLGpzr5" width="700" height="700" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by Lamaris Davis</p> <p>The responsibility of risk management in healthcare systems falls on multiple individuals within any given organization. It’s well known that most hospitals and healthcare systems do not have a completely practicable risk management system that spans across an entire organization and operational structure for the delivery of key services. Ensuring the security of protected health information (PHI) in your health IT system requires that you institute measures to guard against unauthorized use or disclosure of PHI. A risk management plan should have five key parts which are administrative safeguards, technical safeguards, physical safeguards, organizational standards, and policies and procedures. For any single risk, a combination of safeguards may be necessary because there are multiple potential vulnerabilities that exist that could negatively affect healthcare systems, according to the American Society for Healthcare Risk Management.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/LDavis_RiskManagementforHealthcareSystems.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--5" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--10" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Risk Management for Healthcare Systems 1/5</option><option value="40">Give Risk Management for Healthcare Systems 2/5</option><option value="60">Give Risk Management for Healthcare Systems 3/5</option><option value="80">Give Risk Management for Healthcare Systems 4/5</option><option value="100">Give Risk Management for Healthcare Systems 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--5" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-Y0qDBE_eO7-GphEb5twfE1CqeaxfaVqTDl77wnD2BVk" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Tue, 09 Aug 2016 13:27:51 +0000 manager 425 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2016/08/09/risk-management-healthcare-systems#comments Incident Response Planning In Industrial Control Systems http://www.infosecwriters.com/articles/2016/08/08/incident-response-planning-industrial-control-systems <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/ics.gif?itok=vP8szjkZ"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/ics.gif?itok=vP8szjkZ" width="288" height="249" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by Bill Clark</p> <p>This paper discusses what Incident Response (IR) Planning is, what Industrial Control Systems (ICS) are, and how IR Planning pertains to ICS security. IR Planning is the process of preparing for any type of adverse event, also known as an incident, which can cause a process degradation or failure in a system. A system can be hardware, software, or a combination of both. An event can be man-made or natural in origin. An ICS is a combination of hardware and software processes that use extreme precision to automate or control most of today’s manufacturing product lines, water and power utility production plants, and transportation systems for people and products. For ICS applications and data, availability is the first priority.  </p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/WClark_IRinICS.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--6" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--12" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Incident Response Planning In Industrial Control Systems 1/5</option><option value="40">Give Incident Response Planning In Industrial Control Systems 2/5</option><option value="60">Give Incident Response Planning In Industrial Control Systems 3/5</option><option value="80">Give Incident Response Planning In Industrial Control Systems 4/5</option><option value="100">Give Incident Response Planning In Industrial Control Systems 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--6" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-eZKqb4FzpGsRIxwDnw9_f7drDOjCawRvpTb1CqdtMxA" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Mon, 08 Aug 2016 11:53:31 +0000 manager 424 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2016/08/08/incident-response-planning-industrial-control-systems#comments Better Passwords and Policies http://www.infosecwriters.com/articles/2016/07/21/better-passwords-and-policies <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/password_1.jpg?itok=I4j_9UiC"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/password_1.jpg?itok=I4j_9UiC" width="212" height="238" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by David Patten </p> <p>Everyday press releases cover information security breaches from many top companies. Often these breaches include releasing the passwords that were stolen. Sadly, these passwords are usually trivial to crack which leads to further exploitation. Simple passwords are a problem that is created by both human nature and by poor password policies and training. This paper will look at the tools used to crack passwords, the passwords users create, password policies, and look at some creative and innovate solutions to the password problem.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/DPatten_Better_Passwords_and_Policies.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--7" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--14" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Better Passwords and Policies 1/5</option><option value="40">Give Better Passwords and Policies 2/5</option><option value="60">Give Better Passwords and Policies 3/5</option><option value="80">Give Better Passwords and Policies 4/5</option><option value="100" selected="selected">Give Better Passwords and Policies 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="average-rating">Average: <span >5</span></span> <span class="total-votes">(<span >5</span> votes)</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--7" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-d6xPgBtZkfwc2osDBaFvBGfXYZ8zsamRNjECNuq3zg4" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Thu, 21 Jul 2016 13:37:29 +0000 manager 418 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2016/07/21/better-passwords-and-policies#comments Privacy and Government Surveillance http://www.infosecwriters.com/articles/2016/07/20/privacy-and-government-surveillance <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/govt.png?itok=-yToQTuo"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/govt.png?itok=-yToQTuo" width="225" height="270" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by David W. Mitchell</p> <p>Federal government’s broad powers to act for public safety and national security are limited by the First Amendment and Fourth Amendment. The 9/11 attack have open the doors on warrantless surveillance programs. The mass collection of sensitive information has been challenged by many as an invasion of privacy. Snowden’s release of sensitive information has brought to light the true challenges between government surveillance and privacy. There is a true need to balance government surveillance and privacy in order to protect America. Lawmakers are starting to recognize this with the introduction of new laws to tackle and balance privacy with government surveillance. These improved laws must be introduced on a national level.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/DMitchell_PrivacyGovernmentSurveillance.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--8" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--16" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Privacy and Government Surveillance 1/5</option><option value="40">Give Privacy and Government Surveillance 2/5</option><option value="60">Give Privacy and Government Surveillance 3/5</option><option value="80">Give Privacy and Government Surveillance 4/5</option><option value="100">Give Privacy and Government Surveillance 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--8" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-ln9lG3t3MvLbk4auxOBTqWxrw70N8ODGINLjKnT1cJ4" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Wed, 20 Jul 2016 14:50:09 +0000 manager 416 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2016/07/20/privacy-and-government-surveillance#comments Legal Issues of Data Held Hostage http://www.infosecwriters.com/articles/2016/06/01/legal-issues-data-held-hostage <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/petya-ransomware.png?itok=LoLRVnF3"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/petya-ransomware.png?itok=LoLRVnF3" width="700" height="700" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by Robert Underwood</p> <p>Data held hostage has become a recent technology trend with computers and with these types of attacks in which crooks take a victim’s data and hold it for ransom demanding money to release our data back to us, which seems to be clearly a violation in law but how do we prosecute these criminals and what can we do to prevent these types of attack. A similar attack vector used like ransomware restricts a victim’s access to their computer functionality by popups and annoying spawning programs in which money is leveraged from the victim to stop the attack.</p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/RUnderwood_DataHeldHostage.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--9" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--18" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Legal Issues of Data Held Hostage 1/5</option><option value="40">Give Legal Issues of Data Held Hostage 2/5</option><option value="60">Give Legal Issues of Data Held Hostage 3/5</option><option value="80">Give Legal Issues of Data Held Hostage 4/5</option><option value="100">Give Legal Issues of Data Held Hostage 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--9" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-3YsH88LOxL6XR_m9PBLBohpW2AfepGOuIHy8zQH0oG8" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Wed, 01 Jun 2016 17:24:05 +0000 manager 407 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2016/06/01/legal-issues-data-held-hostage#comments Regulations to Reduce Data Breaches http://www.infosecwriters.com/articles/2016/04/11/regulations-reduce-data-breaches <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/Rules_and_Regulations.jpg?itok=gMEnQ59W"><img typeof="foaf:Image" src="http://www.infosecwriters.com/sites/default/files/styles/article_image_full_node/public/field/image/Rules_and_Regulations.jpg?itok=gMEnQ59W" width="275" height="237" alt="" /></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Contributed by David Mitchell</p> <p>Over the past years there have been targeted data breaches that affected many large corporation and even the federal government. Target store and Office of Personnel Management OPM were two of the biggest data breaches of 2015. Some of these data breaches could have been identified or remediated if the corporation or government agency reported proper notification or conducted compliance audits as required by law. The Communication Act of 1934 and Health Insurance Portability &amp; Accountability Act of 1996 are some of the regulations that protect this type of information. These regulations are due for an update by state and federal legislators to bring laws current with technology. Legislators are starting to show some focus on regulation or compliance for data breaches and cybercrimes after the data breach of Office of Personnel Management. </p> <p>This document is in PDF format. <a href="http://www.infosecwriters.com/Papers/DMitchell_Regulations.pdf">To view it click here</a>.</p> </div></div></div><div class="field field-name-field-rate field-type-fivestar field-label-inline clearfix"><div class="field-label">Rate this article:&nbsp;</div><div class="field-items"><div class="field-item even"><form class="fivestar-widget" action="/taxonomy/term/2/feed" method="post" id="fivestar-custom-widget--10" accept-charset="UTF-8"><div><div class="clearfix fivestar-average-text fivestar-average-stars fivestar-form-item fivestar-default"><div class="form-item form-type-fivestar form-item-vote"> <div class="form-item form-type-select form-item-vote"> <select id="edit-vote--20" name="vote" class="form-select"><option value="-">Select rating</option><option value="20">Give Regulations to Reduce Data Breaches 1/5</option><option value="40">Give Regulations to Reduce Data Breaches 2/5</option><option value="60">Give Regulations to Reduce Data Breaches 3/5</option><option value="80">Give Regulations to Reduce Data Breaches 4/5</option><option value="100">Give Regulations to Reduce Data Breaches 5/5</option></select> <div class="description"><div class="fivestar-summary fivestar-summary-average-count"><span class="empty">No votes yet</span></div></div> </div> </div> </div><input class="fivestar-submit form-submit" type="submit" id="edit-fivestar-submit--10" name="op" value="Rate" /><input type="hidden" name="form_build_id" value="form-FkM3TuF9fMwBTwij_n3mEvWhkWfcYow2xLg8e5vs_vk" /> <input type="hidden" name="form_id" value="fivestar_custom_widget" /> </div></form></div></div></div> Mon, 11 Apr 2016 14:28:53 +0000 manager 393 at http://www.infosecwriters.com http://www.infosecwriters.com/articles/2016/04/11/regulations-reduce-data-breaches#comments