Welcome to ExaProtect's monthly online bulletin – the culmination of our merger with Solsoft – bringing you news, views and opinion on issues that matter to you.
Security Management News is unique in that it is compiled and edited by leading industry journalists. Our aim is to deliver fresh and informative content, plus industry comment from experts. We want this to be a tool that helps you in your job and gives you a better understanding of security.
Please tell us what you think, and what else you'd like us to cover in this bulletin.
Following on from the record losses arising out of the activities of rogue trader Jerome Kerviel, a preliminary report from the Societe Generale bank has laid the blame squarely at the door of its own inadequate IT security procedures.
The report results from an independent investigation, being led by Jean-Martin Folz, the former chief executive of Peugeot Citroen, assisted by Jean Azema, the chief executive of Groupama, the insurer, and Antoine Jeancourt-Galignani, chairman of the real estate company Gecina.
The large number of services running on a typical Windows or UNIX server is more than enough to discourage a network administrator with too little time and too few resources from determining which are needed and which are redundant. As a result, there are many different routes into an otherwise secure server or workstation.
A new report published by Deloitte indicates that 80% of consumer businesses do not have a defined information security strategy, whilst 86% have never performed an inventory of where their data is stored and managed (despite legislation and standards requiring them to do so).
The security software industry has taken a step towards creating a more standardized approach for anti-malware testing, with the formation of the Anti-Malware Testing Standards Organization (AMTSO).
Board directors today have extensive responsibilities to comply with the UK Combined Code, Sarbanes-Oxley and a host of other national statutes and regulations. With technology at the heart of most enterprises, there are explicit requirements for directors to ensure proper governance of IT as a part of their control of operational risk. However, despite the clear need for effective oversight, we recently discovered that take-up of IT governance remains worryingly low.
This summer will see the European Union’s corporate governance directives, commonly referred to as EuroSox, become law across the member states. However, a number of leading industry experts are already forecasting difficulties ahead for multinationals as a result of these directives.
The EU Directives are not laws in themselves and are required to be incorporated into individual EU member legislation only by the summer of 2008. Nevertheless, one of the main concerns surrounding EuroSox is the fact that it will be translated into 25 different languages.
Reports are emerging that customers of Major League Soccer's e-commerce site, MLSgear.com, have been the victims of a security breach. The incident was first highlighted by PogoWasRight.org, a blog that tracks data breaches, and was subsequently reported by MLSgear.com in a breach notification filed with the New Hampshire State Attorney.
Adobe has reacted to claims by researchers that a flaw in its Reader application enabled hackers to break into Microsoft Windows computers.
Quebec police report that they have uncovered the largest hacking scam in Canadian history. They have arrested 17 people who, they claim, were members of a computer hacking network that targeted unprotected personal computers around the world.
Several of the most influential groups and industry bodies associated with information security in the UK have announced the launch of a partnership designed to address a lack of information security awareness. The new group will be called the Information Security Awareness Forum.
The members of the Forum believe that one of the biggest problems facing organisations and individuals is a lack of security awareness, with people either not knowing about security processes and technical countermeasures, or ignoring or circumventing them.