Director of Information Security Forum Says Chief Marketing Officer Should Have Major Role in Security along with CIO, CEO and Board The Information Security Forum describes itself as a not-for-profit organization that supplies “authoritative opinion and guidance on all aspects of information security.” In a piece on adage.com, Steve Durbin, managing director of ISF, offers his opinion on a CMO’s role in security and when there is a breakdown in security, i.e., a breach. The following has been excerpted from his story and edited to…

U.S. Banks Received Tens of Thousands of Dollars Charged on EMV Cards — Despite Not Having Sent Customers Chip-Enabled Cards! During World War II, British intelligence used a real dead body to create a fictitious Royal Marine Major William Martin. The body was dropped in the sea by a submarine and washed ashore on a Spanish beach where it was hoped it would fall into the hands of German intelligence. Attached to the body was a briefcase containing letters falsely stating that an Allied attack…

If I tried to rob a bank, I’d probably be caught, no matter how carefully I plan. Once caught, I would certainly face prosecution and probably be found guilty. The criminal justice system is good at handling this type of crime. I’ll stick with my day job. The story is not the same for the cybercriminals that defraud businesses and consumers of billions of dollars each year. For many years, cybercrime gangs have been getting away with their crimes. We’re just starting to turn the…

Turn on the TV, pick up a newspaper, browse your smartphone and what will you see? Most likely yet another story about the benefits of information sharing to help prevent fraud and improve cyber security. The truth, though, is that effective information sharing is about as real as ‘Crabzilla’ at the moment. Everyone’s talking about it but no-one’s actually seen it in the wild. Let’s look at why. Better together It’s become pretty clear from the continued rise in major online fraud incidents hitting the…

President Signs Executive Order to Accelerate Implementation of EMV Chip Card Tech, Set Up Website for Victims of ID Theft, and Streamline Credit Bureau Reporting and Remediation What would Washington DC be without politics? Oh, that’s right, home of the Washington Native American football team. Now that was uncalled for. Anyway, as it happens, Washington DC is synonymous with politics so it doesn’t exactly come as a surprise that the executive order the President signed to increase online security had Republicans accusing Mr. Obama of…

Survey Shows 100 Percent of E-Commerce Execs Using ThreatMetrix TrustDefender Cybercrime Protection Platform See Measurable Decrease in Fraud Rates and Chargebacks Here they come — both the holidays and the cybercriminals who prey on consumers and retailers during the holidays. According to the National Retail Federation, the 2014 holiday shopping season is expected to bring in $616.9 billion, representing approximately 19.2 percent of the retail industry’s total annual sales. And what could be more attractive to a cyberthief than a high volume of sales condensed…

RAND Corporation Chart Offers Fresh Perspective Comparing Major Breaches Occurring So Frequently — JPMorgan Chase, Home Depot and MBIA Breaches— Were Not Included News flash — all breaches are bad. Everybody knows that, but did you know… — to paraphrase (steal from?) a current Geico campaign — how bad major breaches were compared to each other? The amount of data compromised and numbers of individuals affected are often so staggering they’re difficult to visualize. Just look at these numbers: JPMorgan Chase (76 million households and…

National Cyber Security Awareness Month started off with a bang this year – the news that a breach at JPMorgan Chase compromised accounts of 76 million households and 7 million small businesses. Leading up to National Cyber Security Awareness Month, another high profile data breach was disclosed – Home Depot confirmed that 56 million credit and debit cards were exposed in a recent breach in an attack on the company’s point of sale systems. In line with this week’s National Cyber Security Awareness Month theme,…

At ThreatMetrix® we’ve made it our mission to try and build greater trust in the internet and I think we’ve assembled a pretty decent set of products and capabilities to do just that. It’s no easy feat though. The UK now boasts one of the largest e-commerce markets on the planet, with Brits spending around £91 billion a year online. Government initiatives such as the UK Trade & Investment’s e-Exporting Programme, designed to help more UK firms sell overseas via the web, will boost the…

October 16, 2014

Why Cyberinsurance?

Home Depot, Michaels, eBay, Target, Neiman Marcus, Veterans Affairs, Sony, JPMorgan Chase. Or in a Word…Data Breaches. Cyberinsurance is hotter than the Geico Gecko sunbathing on a rock in the Mojave at high noon. Too much? Anyway, the point is that in less than a decade corporations have gone from “What’s cyberinsurance?” to “Cost of doing business.” In her extensive story on northjersey.com, The Record’s Joan Verdon explores the many aspects of cyberinsurance from cost to coverage. The following has been excerpted from her piece…

(NOTE: The following is used with the permission of Byron Acohido, a Pulitzer Prize-winning journalist and editor-in-chief for ThirdCertainty, an IDt911-sponsored online publication dedicated to helping individuals and companies assess risks and embrace best security practices. Acohido will be speaking at the ThreatMetrix Cybercrime Prevention Summit 2014, November 5 – 7.) By Byron Acohido, ThirdCertainty Hundreds of companies, local government agencies and universities—including two Ivy League schools—continue to expose sensitive financial, medical, academic, personal and other records to anyone who knows a few finer points…

Don’t look now, but your life is more online and connected today than it was last year – and the trend is accelerating. Late last year, we predicted that risks associated with the Internet of Things (IoT) and critical infrastructure would be two emerging cybercrime trends this year. (See our 2014 predictions blog.) These topics are the theme of this third week of the National Cyber Security Awareness Month, “Critical Infrastructure and the Internet of Things.” IoT and Critical Infrastructure are two sides of the…

Businesses, Researchers and Academics Will Soon Be Able to Upload Files to FBI Portal to Ensure They Don’t Contain Malware The FBI offers a portal for law enforcement agencies to check out files. Now a separate FBI portal will be made available for a much wider audience. Called Malware Investigator, the portal will be accessible to established FBI partnerships, including members of the U.S. Intelligence Community (USIC), domestic and foreign law enforcement, academia, and private industry. How it works According to Charlie Osborne’s article on…

Security Guru Brian Krebs of KrebsOnSecurity Notifies Municipal Bond Insurance Association (MBIA) of Web Server Misconfiguration That Put Customer Accounts at Risk MBIA is a public holding company that offers municipal bond insurance and investment management products to diversify the holdings of insurance companies that include Aetna, Fireman’s Fund, Travelers, Cigna and Continental. In his piece on KrebsOnSecurity.com, Brian Krebs reports how he learned that MBIA had exposed countless customer account numbers, balances and other sensitive data to potential attackers. The following has been excerpted…

September was a great month if you work in fraud prevention circles. A major new agreement between the European Banking Federation and Europol’s European Cybercrime Center (EC3) will make information sharing and co-operation between the region’s law enforcers and banks more extensive and effective than ever before. It’s to be applauded. After all, fraud across Europe is increasing and becoming increasingly “cyber” in nature. An annual report from the European Central Bank back in February revealed that card fraud rose for the first time in…