There are valuable lessons to be learned when things go bad. All of us are susceptible to cybercrime in this industry as well as global business. I think it’s important to understand the “hows” in order to engineer the “solutions”.

Post Breach Summary – October 26, 2012:
The State of South Carolina announces that 3.6 million Social Security Numbers and 387,000 credit and debit card numbers were exposed in a recent successful cyber security attack. This Department of Revenue incident currently affects those who filed South Carolina tax returns since 1998. (With a... read more >

In today's world, especially among folks dealing with information security, it seems that the security provisions put in place to protect "information" are just not enough. This too often appears true whether the information is Personal Health Information (PHI), or Personal Identification Information (PII), or Credit Card Holder data (CCH) or even just information about where you shop.

In response to these inadequacies, governments and private organizations have created myriad standards and regulations with which businesses must comply. In the last decade alone, we've seen the creation of SOX, PCI, a number of state regulations, and now HITECH for protecting sensitive information. Regardless of whether yours is a public or a private company, local, regional, national, or multinational, you probably have to go through at least a few audits every year.

One common thread when undergoing an audit is the scramble to collect - and on most occasions, generate -... read more >