Archive

Archive for November, 2007

Another Prediction for 2008

This blog covers the second of ten predictions regarding events and trends that I have forecasted will occur in 2008. This prediction was:

2. Fewer worms and viruses will surface in the wild—a continuation of the present trend.

I am sure that you have noticed that massive virus and worm infections in the past such as those by Code Red, Nimba, Sircam, MSBlaster, Slammer, Netsky, Beagle, and others are no longer occurring. In contrast, this trend is not occurring with other types of malicious code—botnets and rootkits are proliferating at an unprecedented rate. Read more…

Categories: Uncategorized Tags:

First Prediction for 2008

In my last blog I made ten predictions regarding events and trends that I believe will occur in 2008. The first was:

Cybersecurity legislation regarding prompt notification of individuals potentially affected by data security breaches will be signed into law in the US. Other major cybersecurity-related legislation will, however, once again fail.

Passing cybersecurity-related legislation in the US is anything but an easy feat. Over the years many very worthy pieces of proposed cybersecurity legislation have died in committee or have been tabled or voted down once they have reached the full House of Representatives or the Senate. You may well remember that even though nearly two-thirds of the states in the US have passed legislation mandating notification of individuals potentially affected by data security breaches, Senator Feinstein’s proposed federal legislation requiring such notification died in 2006.
What will be different in 2008 that will result in data security breach notification legislation finally getting passed? Read more…

Categories: Uncategorized Tags:

Predictions for 2008

The year 2008 is right around the corner and with it new, very significant information security-related events, some of them good, some of them bad, will undoubtedly occur. Based on trends that I’ve been tracking, I’d like to make the following predictions Read more…

Categories: Uncategorized Tags:

A “Do Not Track” List?

One item in the recent news that caught my attention was a call by certain consumer groups to develop a “do not track” list in the US. This list, parallel in principle to a “do not call” list that went into effect years ago to curb unsolicited telephone calls, would allow people to “opt out” or “opt in” concerning whether companies and organizations can track their visits to Web sites through the use of cookies. Advertisers that install cookies on users’ computers would have to register every server used in connection with tracking Web site hits with the Federal Trade Commission (FTC). A two-day long FTC public forum on this subject was held earlier this month. Read more…

Categories: Uncategorized Tags:

OMB’s Incident Reporting Requirement

Several weeks ago the Office of Management and Budget’s (OMB’s) head of the Office of Electronic Government and Information Technology stated that the reported security-related incidents for US government agencies had more than doubled (from 14 to 30) in only a few months. Why the sudden increase in the number of reported incidents?  A possible explanation is the impact of a fairly recent OMB edict that requires these agencies to report security incidents in which personally identifiable information is compromised to the US Computer Emergency Readiness Team (US CERT) within one hour of the start of the incident. Evans asserted that this increase is due to agencies taking no chances—they now report anything that appears to be an incident in which personal information may have been obtained without authorization. She added that there now also may be increased awareness concerning potential incidents within agencies, something that she views as a positive development. An alternative explanation is simply that more incidents in which personal information is being compromised may be occurring. After all, recent statistics indicate that the number of such incidents has been growing rather dramatically over the past few years. Read more…

Categories: Uncategorized Tags: