100 Million Personal Records Exposed: AppSecInc CTO Reflects on Data Security at Critical Milestone.

Application Security, Inc. CTO Aaron Newman Available for Comment on How Data Security Must Change in 2007

NEW YORK -- This morning, the Privacy Rights Clearinghouse (www.privacyrights.org) reported that more than 100 million personal records have been exposed since early 2005. On the occasion of this disturbing milestone, Application Security, Inc. (AppSecInc) (www.appsecinc.com), the market leader in database security, offers perspective on how data security must change as we prepare to enter 2007.

While the image of a computer hacker exploiting software flaws over the Internet from a foreign country strikes fear, the reality is much more complex - and ominous. In the past two years, reported data breaches more than doubled in 2006 when compared to 2005. The number attributed to "hacks" dropped, however, to less than 20 percent in 2006, from approximately 35 percent in 2005. Massive data exposure often results from shortcomings
[...] for ALL security initiatives. Mr. Newman is one of the foremost experts on database security and co-author of the Oracle Security Handbook. He suggests the following six steps are the right mindset for a security resolution in the New Year:

1. Trust no one. No one in an organization should be exempt from controls over how data can be accessed or used.
2. Inventory the most sensitive data, and don't even think about protective measures until you've completed a thorough discovery of sensitive data and where it resides.
3. Build a layered defense, prioritize efforts based on value and risk, and don't get seduced by silver bullets - there are none.
4. Document everything. It helps to bolster compliance at the same time.
5. Do something decisive, do it quick, and enlist others to help - even if you have to scare them into it.
6. Have vision and the courage of your convictions. The upside of rock-solid security is the ability to share data freely and with confidence, generating maximum value.

Mr. Newman adds, "The end of 2006 greets us with the cold, hard fact that at this level of exposure, we're playing with fire. With each breach, massive and widespread identity theft is headed toward epidemic proportions. In the past, security was dealt with in an outside-in mindset, defending the walled garden from intruders.
But in today's reality, this leaves far too much room for error - or malfeasance. We must make 2007 the year of inside-out security - starting with the ultimate target of exposure, the database, and working our way out in a layered defense."

To speak with Mr. Newman or other AppSecInc executives on these and other database security-related issues, contact Christine Meyers at 781-687-1034 or via email at cmeyers@appsecinc.com.

About Application Security, Inc. (AppSecInc)

AppSecInc is the leading global provider of database security solutions for the enterprise with offices in North America and the UK, and a robust partner-reseller network in key markets like EMEA, Asia-Pacific, and Latin America. AppSecInc's products - the industry's only complete vulnerability management solution for the database tier - proactively secure database applications at more than 600 organizations around the world. Our security experts, combined with our strong support team, deliver up-to-date database protection that minimizes risk and eliminates its impact on business. Please contact us at 1-866-927-7732 to learn more, or visit us on the web at www.appsecinc.com.

AppSecInc is a trademark of Application Security, Inc. All other company and product names are trademarks of their respective companies.