RiskIT Logo

Issue 41                                             Thursday, September 15, 2011 

 

Laptop Breach: A Security Reminder

 

 

University Calls Attention to Recommended Security Steps

Indiana University School of Medicine is reminding faculty, staff and residents about the importance of encryption and other information security steps after the theft of an unencrypted laptop.

The laptop containing information on about 3,200 patients was stolen Aug. 16 from the locked car of a physician who works at the school's department of surgery. The information, which the physician was using to conduct research, included patient names, ages, sex, diagnoses, medical record numbers and, in 178 cases, Social Security numbers.

To read this article in its entirety, please click:

Laptop Breach: A Security Reminder

Simple Network Security Monitoring Tools

 

If you want a robust, cost effective and easy to use Intrusion Detection System (IDS) and Network Security Monitoring (NSM) platform, look no further than Doug Burk's "Security Onion".

 

Security Onion is a Linux distro that contains software used for installing, configuring, and testing Intrusion Detection Systems. It is based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Squert, Xplico, nmap, scapy, hping, netcat, tcpreplay, and many other security tools.

 

What is great about Security Onion is that it takes all the guess work out of setting up an effective IDS and takes the output of intrusion attempts and displays the critical ones in a nice user interface called Sguil.

 

  

To read this article in its entirety, please click:

Simple Network Security Monitoring Tools

 

 

Study Warns US Must Develop Cyber Intelligence

 

A new study warns that the U.S. must develop cyber intelligence as a new and better coordinated government discipline that can predict computer-related threats and deter them.

 

The report by the Intelligenge and National Security Alliance says the dramatic expansion of sophisticated cyber-attacks has moved beyond acceptable losses for government and businesses that simply threaten finances or intellectual property.

 

 

To read this article in its entirety, please click:  

Study Warns US Must Develop Cyber Intelligence

    

IG Deems DHS Financial, Operational Data Risk

 

    

Auditors Cite Excessive Unauthorized Access to Key Apps

The inability of the Department of Homeland Security to implement appropriate IT and application controls has placed at risk the confidentiality, integrity and availability of DHS's financial and operational data, according to an audit conducted for the department's inspector general.

Auditors from KPMG released its findings to the DHS IG in April, but the inspector general didn't provide a public version, which was redacted, until this past week.

To read this article in its entirety, please click: 

 IG Deems DHS Financial, Operational Data at Risk

 

Vending Machine Company Announces Major Data Breach
 

Up to 40,000 reported may be affected by breach of Vacationland Vendors machines at waterparks in Wisconsin, Tennessee

 

 

Vacationland Vendors, a company that supplies vending machines and games to entertainment venues, has disclosed a data breach affecting about 40,000 people who visited waterpark resorts in Wisconsin and Tennessee between December 2008 and May 2001.

 

  

To read this article in its entirety, please click:

 

 
RiskIT Logo 
is an email publication provided by

 

Eminere Group Logo 

 

Disaster Recovery Journal

 

 

 

ISACA Logo

 

 

 

 HIMSS Logo

 

 

More Useful Links...
  
  
  
  
  
  
  
  
  
Join Our Mailing List