Data Breach Notification Fatigue: Do Consumers Tune Out?

	Epsilon E-Mail Hack: How You Can Protect Yourself | Set Expectations for a Successful Security Career
	CIO Security				Forward this to a Friend >>>
	Data Breach Notification Fatigue: Do Consumers Tune Out? Data breach notifications are flying en masse following the Epsilon Interactive breach, but are they doing customers any good? Read More SURVEY: Global Security Survey 9th Annual Global Security Survey CIO, CSO & PricewaterhouseCoopers are conducting our 9th annual survey of worldwide information security practices. Participate & receive a copy of the survey summary when completed, a valuable tool that can help measure security initiatives against peers & provide insight into the current state of information security practices & challenges. Complete our survey & enter a prize drawing for an Apple iPad. In this Issue Epsilon E-Mail Hack: How You Can Protect Yourself Set Expectations for a Successful Security Career Phishing Scams Dupe the Most Active Online Users Lessons Learned From the Epsilon Data Breach Hacker 'Handshake' Hole Found in Common Firewalls Firewall Security Issue Raised in Report Ignites Vendors' Ire Microsoft Delivers Monster Security Update for Windows, IE U.S. to Issue Terror Alerts on Facebook, Twitter WhitePages Goes to the Cloud, Security Issues Linger 'Do Not Track': the Great Debate Kerry-McCain Privacy Bill: What You Need to Know Ransomware Squeezes Users with Bogus Windows Activation Demand U.S. Takes Out Coreflood Botnet Dot-Com Domains Still Lack DNSSEC Security WHITE PAPER: Dell Guidelines for Choosing a QSA The independent white paper in this security KnowledgeVault is just one of the resources to help you make the right decision. It details the top 5 questions to ask a prospective QSA firm and offers guidelines on everything from making sure they adequately handle compensating controls to assessing their expertise with virtualization. Learn more. Epsilon E-Mail Hack: How You Can Protect Yourself Hacking has long since ceased to be about juvenile fun and games, modern hackers are out to make money. Here's a look at how the bad guys use your information and how you can protect yourself. Read More Set Expectations for a Successful Security Career Being in control of your life and having realistic expectations about your day-to-day challenges are the keys to stress management, which is perhaps the most important ingredient to living a happy, healthy and rewarding life. -- Marilu Henner Read More Phishing Scams Dupe the Most Active Online Users People who make a lot of online transactions, are popular online and who respond to most of the emails they receive are at the highest risk for being duped by malicious phishers, according to a multi-university study. Read More Lessons Learned From the Epsilon Data Breach Unless you are a statistical anomaly, you should have received a handful of notifications by now from companies like Chase Bank, or Best Buy warning you that your email address may have been compromised in the attack on Epsilon. As the dust begins to settle, I think we should take an opportunity to review what we know and see what lessons can be learned from the Epsilon data breach. Read More Hacker 'Handshake' Hole Found in Common Firewalls Some of the most commonly-used firewalls are subject to a hacker exploit that lets an attacker trick a firewall and get into an internal network as a trusted IP connection. Read More Firewall Security Issue Raised in Report Ignites Vendors' Ire A test by NSS Labs that found firewalls from five vendors are subject in one way or another to remote exploit by hackers has ignited furious response from vendors Fortinet and SonicWall. Read More Microsoft Delivers Monster Security Update for Windows, IE Microsoft today patched a record 64 vulnerabilities in Windows, Office, IE and other software, including 30 bugs in the Windows kernel device driver and one in IE that was exploited at the Pwn2Own hacking contest. Read More WHITE PAPER: Dell Elements of a Proactive Data Security Solution See all the survey results along with more data security resources, including an expert Webcast outlining six vital security steps, in the security KnowledgeVault. Learn more. U.S. to Issue Terror Alerts on Facebook, Twitter The U.S. government may start issuing terror alerts using Facebook and Twitter, according to a news service report. Read More WhitePages Goes to the Cloud, Security Issues Linger To feel comfortable using cloud-based offerings such as software-as-a-service, WhitePages needed to address its concerns about security. Read More 'Do Not Track': the Great Debate Much Internet ado has been made about the Do Not Track bill, which would let people opt out of Internet advertisers’ efforts to track their online activities for better-targeted advertising. On one hand, privacy advocates continually decry the ever-diminishing loss of privacy on the Web. On the other hand, advertisers and trade groups claim that the restrictions would make it harder for online publishers to make money on the Internet--which means that it would be harder for companies to offer free content (such as this article) or free Web apps and services. Read More Kerry-McCain Privacy Bill: What You Need to Know A privacy bill of rights is something that tech pundits have talked about for years, but now Senators John Kerry and John McCain hope to make it a reality with a bipartisan bill in the Senate called the "The Commercial Privacy Bill of Rights Act of 2011." Read More Ransomware Squeezes Users with Bogus Windows Activation Demand A new Trojan tries to extort money from users by convincing them to dial international telephone numbers to reactive Windows, a security researcher said today. Read More U.S. Takes Out Coreflood Botnet The U.S. Department of Justice and FBI said today they had filed a civil complaint, executed criminal warrants, and a temporary restraining order as part of what they called the most comprehensive enforcement action ever taken by U.S. authorities to disable an international botnet. Read More Dot-Com Domains Still Lack DNSSEC Security It's been over two weeks since the DNS Security Extensions (DNSSEC) system was turned on for .com domain names. This is an end stage for a process that will one day let surfers be 100 percent confident they're accessing the site they think they are, and have not been diverted by hackers. Read More
	Hot Picks for the Week CIO Resumes: Compare Yours to the Cream of the Crop 9 Best Social Networking Android Apps Google Apps: How We Convinced the C-Suite Switching Outsourcing Providers: 10 Tips Join CIO on Facebook! Images, Stories, RSS, Twitter and more!
	Get more CIO peer perspective online LinkedIn | Facebook | Twitter You are currently subscribed to cio_security as info55383.news@blogger.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact CIO.com, please send an e-mail to online@cxo.com. Copyright (C) 2011 CIO, 492 Old Connecticut Path, P.O. Box 9208, Framingham, MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to online@cxo.com. **