Articles

Articles by Dovell Bonnett

Browse every published article connected to Dovell Bonnett, with exact attribution and full-archive search.

articles
28
shown per page
50
search signals
Topic + expert

Articles

28 articles by Dovell Bonnett · showing 28

Browse every published article connected to Dovell Bonnett, or search within this exact expert archive.

By Dovell BonnettRecently published1 topic

Is online identity theft real?

I find it ironic how some security firms like to dismiss online identity theft based upon the FBI/CSI study especially since 56% of all breaches were classified as “Don’t know how information was taken”. How is that possible?

Primary topic: Identity Theft
Identity Theft
808 views
Read article
By Dovell BonnettRecently published1 topic

2012 – The Year of Cyber Espionage?

Lucian Constantin’s recent article “Expect more cyber-espionage, sophisticated malware in ’12, experts say” states that cyber-attacks in 2012 will increase with more sophisticated malware. Certainly companies like MicroTrend, Symantec and others have their work cut out for them to eradicate these attacks once they are launched. But taking a step back, the question arises as to how malware is first getting into the networks. Answer: employee’s carelessness.

Primary topic: Identity Theft
Identity Theft
1,980 views
Read article
By Dovell BonnettRecently published1 topic

ARE GOVT. WEBSITES DESIGNED BY PRESCHOOLERS?

It has been reported that Paul Ducklin, Head of Technology for Sophos, referred to the Lulz Security (LulzSec) hackers as “schoolboys.” He added that most of the break-ins were “languorously orchestrated, using nothing more sophisticated than entry-level automatic web database bug-finding tools, available for free online.” So are schoolboys hacking sites designed by preschoolers?

Primary topic: Identity Theft
Identity Theft
1,473 views
Read article
By Dovell BonnettRecently published1 topic

Is Your Cloud Provider Sidestepping Security?

When you accept that cloud provider’s contract to store or backup your company’s data on their servers, did you read the fine print? According to Gartner, 2012 may be the year that Cloud Services gets a big boost because companies are looking to decrease IT costs, have more access form remote users and offer more services to your customers. But, at what cost?

Primary topic: Identity Theft
Identity Theft
948 views
Read article
By Dovell BonnettRecently published1 topic

Stupid Things You do Online to Compromise Your Identity

Lifehacker recently posted a great article called The Stupid Things You Do Online (and How to Fix Them). Here are some of additional comments that may also be helpful. Stupid Thing #1: You Undervalue Your Personal Data Did you know that when a company goes through valuation by a venture capitalist the number of email accounts is reviewed? So while you might not value your information, corporate America does. Stupid Thing #2: You Submit Sensitive Information Over an Insecure Connection

Primary topic: Identity Theft
Identity Theft
2,638 views
Read article
By Dovell BonnettRecently published1 topic

Passwords Don't Have to Threaten Business Security

The emergence of the World Wide Web as a global, around the clock marketplace has opened a multitude of new opportunities to businesses which have never before been seen. Computers and global communication networks have brought vendors, customers and markets together in new and beneficial ways. Along with all of the benefits which business has gained from the information age come some downsides. New crimes have not been created by new technology, but rather new technology has given new tools to criminals to commit the same crimes as they always have.

Primary topic: Identity Theft
Identity Theft
982 views
Read article
By Dovell BonnettRecently published1 topic

Chinese Computer Hacking of Chamber of Commerce has Already Hurt Your Business

On December 21, 2011 the Wall Street journal reported that U.S. Chamber of Commerce was hacked. Many of the major media outlets are all re-publishing the report. But, if you look at the fine print you will discover that the attack occurred back in November 2009 and was discovered in May 2010. That left the Chamber’s 3 million company members uninformed and their information vulnerable for two years as the FBI and cyber investigators analyzed the attack.

Primary topic: Identity Theft
Identity Theft
1,890 views
Read article
By Dovell BonnettRecently published1 topic

What To Do When Your Company Network Is Hacked

I have written many articles and blogs warning about the cost to a company from a security breach. Ben Worthen, a staff reporter in The Wall Street journal’s San Francisco bureau, wrote a great article “What to Do if You’ve Been Hacked” on September 26, 2011, where he has highlighted some key things to do. All the points are excellent but the #1 “to do” is to not ignore the attack and hope it goes away. It won’t! Here is some advice if your company network has been hacked:r

Primary topic: Identity Theft
Identity Theft
1,511 views
Read article
By Dovell BonnettRecently published1 topic

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners

With all the news articles about China hacking into American companies, India breaking into the US Government, Wikileaks, data breaches, cyber-attacks, Pentagon elevation that cyber-attacks could be regarded as an act of war, etc., I thought I had better educate myself and make the leap from identity theft protector to cyber warrior.

Primary topic: Identity Theft
Identity Theft
2,494 views
Read article
By Dovell BonnettRecently published1 topic

Smart Card Alliance Weakly Defends The Industry

The Smart Card Alliance offers platitudes but don’t identify the culprits! The Smart Card Alliance released their weak response to the recent Sykipot Tojan attack which hijacked the Department of Defense authentication smartcards. Unlike hypothetical attacks on smartcards (the Chinese Remainder Theorem Attack comes to mind with the use of a microwave oven and a calculator) this is a real threat to the security of one’s network and data but not so much to the smartcard itself.

Primary topic: Identity Theft
Identity Theft
1,878 views
Read article
By Dovell BonnettRecently published1 topic

My 3 Top Security Strategies for 2012

In Justine Rivero’s latest article “Three New Ways to Protect Your Identity in 2012” she is absolutely correct that smartcards for secure payment is needed because it is better to use security upfront than rely on identity theft protection after the fact. But why stop at payment? Smartcards offer secure data access to medical records, corporate networks, online commerce sites, computer logons, applications, and anything else where user authentication is required.

Primary topic: Identity Theft
Identity Theft
1,820 views
Read article
By Dovell BonnettRecently published1 topic

Zappos Data Breach - Customer Safety and Security

Online shoe and apparel shop Zappos, now owned by Amazon, reported earlier this week that 24 million users names, e-mail addresses, billing and shipping addresses, phone numbers, and the last four digits of credit card numbers may have been illegally accessed. In response to this breach, Zappos has expired and reset all passwords. They have also temporarily foregone using their 800 number phone service in an effort to redeploy customer-service representatives to respond to customer email.

Primary topic: Identity Theft
Identity Theft
1,972 views
Read article
By Dovell BonnettRecently published1 topic

Ten Electronic Devices Security Tips When Traveling Abroad

Cyber Warefare – Safeguard Your Electronic Devices. When employees travel abroad here are ten electronic devices security tips I pulled from a recent New York Times article, “Traveling Light in a Time of Digital Thievery” by Nicole Perlroth. Nicole discusses electronic devices security policies and practices of the State Department, Google, Bookings Institution, and McAfee executives when traveling to China and Russia.

Primary topic: Identity Theft
Identity Theft
3,038 views
Read article
By Dovell BonnettRecently published1 topic

Data Security is Mandatory

What is a data breach? A data breach occurs when customer information held by a company, business or institution is accessed, used, collected, retained or disclosed in a manner which is not in accordance with the applicable privacy laws and regulations and/or the company's own policies regarding customer information and privacy.

Primary topic: Identity Theft
Identity Theft
1,012 views
Read article
By Dovell BonnettRecently published1 topic

Preventing Physical Identity Theft

Physical identity theft occurs when thieves come in close contact with their victims or the information they’re stealing. for example, Thieves may engage in dumpster diving, where they look through garbage, or literally dumpsters. to find papers with account numbers, addresses, name of family members, Social Security Numbers, drivers license numbers, or anything else that identified an individual.

Primary topic: Identity Theft
Identity Theft
2,187 views
Read article
By Dovell BonnettRecently published1 topic

Don’t Wait for Windows 8 to Secure Your Passwords

This week the press is all agog about how Windows 8 is going to “securely” manage passwords. Win 8 will do this with LiveID, syncing passwords across multiple computer platforms, using “TrustedID” to authenticate the computer, and storing all your long complex passwords in the cloud or on your device. But the sense of security is still misplaced. When it comes to security, multi-authentication is the first topic that comes up, and these are: 1. Something you have. (Smart Card, token, etc.) 2. Something you know. (Password, PIN or pattern)r

Primary topic: Identity Theft
Identity Theft
2,126 views
Read article
By Dovell BonnettRecently published1 topic

Safeguard Business Data - Value Advantage of Integrating Logical Access on an Employee ID Badge

Many large corporations and government agencies have found the cost savings, security and employee convenience very compelling to integrate logical access into the employee badge. However, the two biggest barriers in getting small to medium size businesses, clinics and agencies to follow suit have been: Awareness and Cost. Awareness:

Primary topic: Identity Theft
Identity Theft
1,227 views
Read article
By Dovell BonnettRecently published1 topic

ISSA's SoCal Security Symposium

Great information but forgot a key security component. User Authentication. On Wed 26th of October I attended the Information Systems Security Association (ISSA) Security Symposium in Long Beach, Califo ia. Different security leaders discussed poignant topics like Ali Pabrai’s, CEO ecfirst.com, “Checklist for Addressing Breach Readiness” to the lighter hearted David Perry’s, Global Director Education Trend Micro, presentation “Security from the Cloud, for the Cloud, and by the Cloud”. There were also a number of vendor stations discussing a wide array of security products and services.r

Primary topic: Identity Theft
Identity Theft
1,801 views
Read article
By Dovell BonnettRecently published1 topic

Shady RAT World Wide Hacking

Recently McAffe published a worldwide hacking report about what they are calling Shady RAT. The United Nations, Olympic committees, governments, U.S. real estate company, a major media organization based in New York, a satellite communications company and other companies around the world, totaling 72 organizations, have been hacked by a “state actor”.

Primary topic: Identity Theft
Identity Theft
1,711 views
Read article
By Dovell BonnettRecently published1 topic

Rumors of Password Death Are Greatly Exaggerated

McAfee recently revealed that 72 different organizations around the world have been victims of cyber-spying. With attacks likely to increase, it is important to note that strengthening your access controls ensures that you have a higher level of security for all those who are attempting to access the network.

Primary topic: Identity Theft
Identity Theft
1,386 views
Read article
By Dovell BonnettRecently published1 topic

The Growing Threat of Medical Identity Theft

I have been following a very disturbing trend for a couple of months now, and it is that of Medical Identity Theft. When we think of identity theft, we typically worry about credit cards or store credit being taken out in our name. Somebody attempting to purchase a vehicle or finance a mortgage using our personal identity. What we don’t really think about however is medical identity theft.

Primary topic: Identity Theft
Identity Theft
1,691 views
Read article
By Dovell BonnettRecently published1 topic

Network Security Doesn’t Have To Be A Burden

Whenever I log onto my computer, visit a subscriber web sites or check my emails I always get the screen “Please enter your User Name and Password”. To manage this authentication barrage I might use the same logon information for all my sites, make the passwords simply to remember and keep the same password for years. Now my company’s IT department has decided to increase security by making me change my logon password every 60 days, make it more than 8 characters long and it has to contain both numeric or special characters. Security is a necessary burden.

Primary topic: Identity Theft
Identity Theft
1,042 views
Read article
By Dovell BonnettRecently published1 topic

How Thieves Physically Steal Your Data!

Basically, the theft of sensitive information from companies can happen in two ways: physical data breaches or online breaches of security. Physical identity theft refers to cases where the identity thief needs to get in close to their targets or to the information they are trying to obtain. These sorts of identity theft efforts include dumpster diving to search for documents which contain information such as account numbers, social security card or credit card numbers, addresses and like.

Primary topic: Identity Theft
Identity Theft
1,253 views
Read article
By Dovell BonnettRecently published1 topic

MORE HACKING. WHEN WILL IT STOP?

The simple answer? It won’t. To paraphrase Willie Sutton, bank robber, “That’s where the money is.” PBS, Sony, Lockheed, Amazon, IMF, US Senate, etc., all announced in 2011 that their systems were hacked. Security specialists are now calling 2011 the year of the hacker. Weak SecureID tokens, malware, password attacks, etc., have all been used. Foreign governments, terrorists and a “hacking collective” called LulzSec have been accused. Recently, the DOD announced that cyber attacks can now be regarded as a military attack with the recourse being military ordnance.

Primary topic: Identity Theft
Identity Theft
1,399 views
Read article