Kaliber Data Security Blog

Read posts from the Kaliber Data Security Blog focusing on data protection, cyber security and more.

Insider Threats: Risks and Examples

Guest Contributor: Dan Virgillito   Ted is an application developer who lost his job in the IT sector due to company downsizing. Ted was displeased at being laid off just before Christmas, and expressed his displeasure by launching a systematic attack on his former company’s network. Three weeks following his termination, the insider used the […]

Do you Really Need an Information Security Manager?

If you are a large multi-national corporation you need an Information Security Manager. If you are a large bank you need an Information Security Manager. If you are a large retailer or medical institution you definitely need an Information Security Manager. In fact, if you are any of these, you probably need a team of […]

Applying CIA Concepts to Cyber Resilience

In classical information security practice [It is interesting to note that the need for information security is barely 30 years old and conventional practice is already considered “classical.”] an organization is expected to identify and categorize its critical assets;  evaluate security threats and vulnerabilities;  categorize the impact of those threats on the Confidentiality, Integrity and […]

How the Target Breach and the Malaysian Flight 370 Mystery are Related

While there has been at least one article (link) suggesting that hackers could have diverted the Malaysian jet which mysteriously disappeared over the South Pacific, what really unites the jet mystery with the Target breach is the topic of “alarm overload.” Numerous public safety incidents have, over the years, been linked to alarm systems that […]

Businesses need to be concerned about Identity Theft, too!

It is  not only individuals who are at risk from identity theft–U.S. businesses lose billions of dollars a year from it, as well. This problem can arise from a breach of your data at the hands of either a cyber-criminal or a disgruntled former employee. It doesn’t always end in cash being siphoned from your […]

How Cyber Criminals Make Money from Hacked Computers

This poster identifies and explains different ways cyber criminals can make money from a hacked computer. This helps ordinary computer users understand why they are a target and how they are worth money. This is an excellent resource to actively engage people in your awareness program. This poster is based on the original work of Brian […]

HIPAA Breaches Cost Small Providers, too!

In a recent article (link) posted by Metropolitan Corporate Counsel, attorneys Luiz Diaz and David Crapo assess the costs associated with HIPAA breaches. Their analysis is based on a review of reports made since the 2009 Notification Rule went into effect. Since 2009, providers have paid almost $15 million dollars in notification costs for postage, […]

A Few Quick Password Tips

Based on a recent study at Carnegie Mellon University these are a few simple things that can make your passwords less vulnerable to brute force attacks: Place digits and symbols anywhere but at the end. Place uppercase characters anywhere but at the beginning. Multiple characters spread out in more than one location are associated with […]

Is your Firm Spending too much on Information Security?

Vendor-neutral security audits are an important way for companies to get a measure of their risks and the appropriateness of the controls they have instituted.

Does IT align with Maslow’s “Hierarchy of Needs”?

In a recent blog post, Dwayne Melancon, CTO of TripWire explored the notion of aligning the value provided by IT with  the well known psychologic theory, “Maslow’s Hierarchy of Needs”.  In Maslow’s paradigm he postulates that, as humans, we  must cover the basics (breathing, food, water, procreation, sleep, critical bodily functions, etc.) before we can […]