The law does not lead, it follows. Our system is very reactive in nature. It tends to change, not to my surprise, as people generally do, as a direct result of negative events or influences. Smokers quit following the heart attack, and our legal system creates laws based upon past events. GPS technology has been around…
The PCI Challenge
It is frequently in the news. Reports have been written. Punitive and compensatory damages have been awarded. Companies around the globe have been challenged to find the resources required to comply with the Payment Card Industry Data Security Standard (PCI DSS). The prime PCI DSS objective is to protect cardholder data. The prime objective of…
Insecurity
If you think that absolute security exists you would be absolutely incorrect. Speaking as a security practitioner who has been in the business for as long as there has been a security business, I’ll tell you with a straight face that no technology system exists that is completely secure or one hundred percent impenetrable. The…
Juris Doctor 135-143 of 161: The Geek Shall Inherit the Universe
Cyber-espionage and cyber-warfare pose the greatest threat to our society today. No longer are massive militarized forces with the most advanced weaponry the force to fear. The forces to be feared now are computer geeks. A single person or just a few cyber-savvy individuals working together as a team now possess the power to bring…
Dropbox? More Like Dropball!
There has been a putative class action complaint filed on June 22, 2011, in the United States District Court, for the Northern District of California alleging that the popular cloud-based storage provider Dropbox, Inc. failed to secure its users’ private data or to notify the vast majority of them about a recent data breach. According…
New PCI Data Security Standards for Cloud Compliance
The PCI Security Standards Council’s Virtualization Special Interest Group recently published its “Information Supplement: PCI DSS Virtualization Guidelines” (the “Guidelines”) to Version 2.0 of the PCI Data Security Standard (“PCI DSS”). The Guidelines provide context for the application of the PCI DSS to cloud and other virtual environments, and offer at least three critical reminders:
$7.2 million – cost of a data breach
The average organizational cost of a data breach increased to $7.2 million and cost companies an average of $214 per compromised record. What’s protecting you? Check out the CrossView Security playbook http://bit.ly/m3qnWD #CMO #retail
Juris Doctor 130-133 of 161
I’ve thoroughly enjoyed Cyberspace Law over the past three weeks exploring subject matter in ISP Liability for Speech, Anonymous Communications in Cyberspace, and Content Regulation in Cyberspace. A particular facet I have derived more amusement from than normal is concerned with the concept of anonymity. From a technical perspective, true anonymity does not actually exist.…
We Eat Our Own
Our reasonable expectation of privacy is an illusion similar to the “job security” myth perpetuated by so many workers. The power to control your identity, privacy and security has less and less to do with the individual and more to do with corporate honor or criminal intent both of which sometimes have blurry demarcation. We…
Juris Doctor 121-126 of 161
I’ve mentioned before that this doctoral program I am nearing completion of is focused on cyberspace law in the federal and international law sectors. There are a few things about what I have learned that are hysterical from my particular perspective. First, these technology courses I am participating in are really almost…
Weapon of Mass Disruption (WMD)
Of all the attacks taking place on Web sites across the Internet today, and there have been some very high profile ones recently, SQL injection is making its mark as the cyber-criminal’s most effective weapon of mass disruption (WMD) into corporate data stores. In my opinion, this threat vector against the crown jewels is public…
What’s in a name?
Prior to April Fools’ Day, 2011, you probably had never heard of Epsilon Data Management, right? I’d wager, however, that this email marketing firm has heard of you. In excess of 250 million email account names were pirated from the marketing services firm, vaulting this to what may be the largest breach of personal information…
Juris Doctor 120 of 161 – AKA Beer Breach
I have a natural passion for keeping people safe and secure as many of you know. I also have a real passion for technology law which might be evidenced by the doctoral pursuit in law. I also follow the news looking for cases that have been adjudicated and what the verdict or in most cases,…
Weekly Digest for March 24th
mdpeters posted 4 items. HORSE – Holistic Operational Readiness Security Evaluation.:General disclaimer HORSE – Holistic Operational Readiness Security Evaluation.:Privacy policy Anti-cybersquatting Consumer Protection Act Anti-cybersquatting Consumer Protection Act mdpeters posted 3 items. Main Page Main Page HORSE – Holistic Operational Readiness Security Evaluation.:About mdpeters posted User:Ledelars.
Juris Doctor 118-119 of 161
While I was doing some research on consumer protections in my Cyberspace Law class, I encountered the following policy that is certainly on the horizon for consumer protections. You can find the original press release here: Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework, The Department of Commerce internet policy…
Weekly Digest for March 17th
mdpeters posted 5 items. User:Clemabun Main Page User:Vickorfo User:Wahbcai User:Nabioff mdpeters posted 6 items. User:Mdpeters HORSE – Holistic Operational Readiness Security Evaluation.:About Main Page File:Personal-CISO.jpg File:Michael-2010010102.jpg Main Page mdpeters posted 6 items. User:CrossView File:Linkedin.jpg Main Page Main Page Main Page Main Page mdpeters posted 2 items. Documents User:Mdpeters
Mobility Madness: Securely Extending Commerce to Mobile Users
With any emerging information technology, particularly those that interweave financial transactions, such as commerce and banking, one of the first concerns should be security. With an exponentially increasing number of consumers using mobile payment technologies, there is increased scrutiny of the precautions retailers are taking to guard these transactions. For retailers with mobile commerce sites…
Weekly Digest for February 24th
mdpeters posted HORSE – Holistic Operational Readiness Security Evaluation.:General disclaimer. mdpeters posted User:Shadowfire1989.
Twitter Weekly Updates for 2011-02-20
Blog Updates Twitter Weekly Updates for 2011-02-13 – Blog Updates Now Reading: Irrefutable Laws of Leadership – 17 h… http://ow.ly/1bjTZc # Blog Updates Juris Doctor 117 of 161 – I am definitely having fun with my Cyberspace Law class this term. The cou… http://ow.ly/1bjTZb # HORSE Project Update File:Poolball5.jpg – uploaded a new version of…
Weekly Digest for February 17th
mdpeters posted 7 items. Internet Law Treatise HORSE – Holistic Operational Readiness Security Evaluation.:Current events Main Page File:Poolball5.jpg Law File:Poolball5.jpg Main Page
The Weakest Link
I recently ran across a memorandum by the U.S. Citizen and Immigration Services (USCIS) that states: “Narcissistic tendencies in many people fuels a need to have a large group of ‘friends’ link to their pages and many of these people accept cyber-friends that they don’t even know. This provides an excellent vantage point for the…
Juris Doctor 117 of 161
I am definitely having fun with my Cyberspace Law class this term. The course concludes this December so I have the rest of the year to immerse myself into a synergistic subject area. It is widely held that in general, lawyers’ knowledge about computers, and predictions they make about new technology, are highly likely to…
Twitter Weekly Updates for 2011-02-13
Blog Updates Now Reading: Irrefutable Laws of Leadership – 17 http://ow.ly/1bd7yL # Blog Updates Twitter Weekly Updates for 2011-02-06 – Blog Updates Domestic Terrorism According to a recent analysis… http://ow.ly/1bd7yM # Blog Updates CISO FYI 2011021001 – Security through Encryption Overview: As many companies begin the migration of th… http://ow.ly/1binPK #
CISO FYI 2011021001
Security through Encryption Overview: As many companies begin the migration of their internally hosted email to cloud providers such as Google, several items that need to be discussed come to my mind to ensure your corporate privacy and security are maintained. There are plenty of crossover implications for personal privacy and security as well. Encryption…