On Data Loss Prevention (DLP)

Vericept DLP is Dead…

dmeizlik — Mon, 14 Sep 2009 16:58:49 +0000

In case you hadn’t heard, Vericept, one of the founding DLP vendors, has been acquired by a company called Trustwave. The acquisition marks the final consolidation play of an enterprise DLP vendor. Most significantly, however, is that I expect this marks the death of Vericept as a DLP solution. Trustwave has stated pretty clearly that they intend [...]

Whoops - McAfee Leaks Data

dmeizlik — Fri, 31 Jul 2009 14:31:48 +0000

From ITnews.com.au Details of 1400 Australian security professionals leaked. Security vendor McAfee has sent out a bulk email containing the contact details of over 1400 security professionals that attended its recent conference in Sydney. The email revealed demographic data collected during the registration process for the McAfee Strategic Security Summit, held in Sydney on Friday July 17, as well [...]

First Family Safe House Details Leak Via P2P

dmeizlik — Fri, 31 Jul 2009 14:26:49 +0000

July 30, 2009 — Computerworld — Details about a U.S. Secret Service safe house for the First Family — to be used in a national emergency — were found to have leaked out on a LimeWire file-sharing network recently, members of the House Oversight and Government Reform Committee were told this morning. Also unearthed on LimeWire networks [...]

2009 Gartner MQ for Content-Aware DLP

dmeizlik — Tue, 07 Jul 2009 05:19:34 +0000

Well, it’s finally out. Gartner completed its analysis and published the 2009 Gartner MQ for Content-Aware DLP. Congrats to Paul and Eric! There aren’t too many surprises in here: RSA, Symantec, and Websense are the only vendors in the leaders quadrant McAfee (previously Reconnex) and Vericept dropped from the leaders quadrant The renaming of the report to content-aware DLP is [...]

New Report: The Executive Guide to DLP

dmeizlik — Wed, 29 Apr 2009 17:30:05 +0000

Rich Mogull of Securosis.com just completed a sponsored report called the Executive Guide to DLP, including a video series (3 clips). You can check it out here: http://www.websense.com/welcome/MiscLandings/exec_DLP/exec_DLP.html Description: Reported data breaches increased by nearly 50 percent in 2008 and industry and regulatory requirements are continually being added to stem the tide of data leaks. Data [...]

BankInfoSecurity Podcast from RSA

dmeizlik — Tue, 28 Apr 2009 21:07:34 +0000

I had the pleasure of speaking with BankInfoSecurity last week on the show floor of RSA. We chatted a bit about some of the challenges companies are experiencing, including security for Web 2.0, preventing data loss, and consolidation. Warning: We also spent a few minutes talking up my company’s new appliance. Take a listen to the podcast of [...]

California Aims to Enhance Breach Notification Law

dmeizlik — Tue, 28 Apr 2009 20:55:10 +0000

Dan Kaplan of SC Magazine is reporting that the California State Senate has passed a law (SB-20) that requires companies with data breaches to report (to victims) that a breach has occurred, as well as detailed information describing exactly what TYPE of data was lost. Read Dan’s article in SC Magazine here.

Google Docs Suffers Breach

dmeizlik — Mon, 09 Mar 2009 16:04:58 +0000

Back in October I wrote about how staff at Hospitals were using GoogleDocs to store/use patient records. Read here: http://ondlp.com/2008/10/10/risk-from-data-leakage/. Well, our friends at Google just announced that documents belonging to a “few users” were “inadvertently” shared with others. Read here: http://www.theregister.co.uk/2009/03/09/google_docs_serious_security_breach/ “… It’s not a tumor, at all!” - Dave

Obama’s Helicopter Blueprints Leaked in Iran

dmeizlik — Mon, 02 Mar 2009 19:34:06 +0000

Fox News (albeit not always the most “reliable” source) recently reported that information on the presidential helicopter known as Marine One was discovered on a computer in Iran. Apparently, a defense contractor had a file sharing program loaded onto a system that contained blueprints for the president’s helicopter - yes, the one we see landing [...]

Heart-”Attack-”land

dmeizlik — Fri, 27 Feb 2009 18:54:38 +0000

Ouch…. good article by Linda McGlasson over at BankInfoSecurity.com. Heartland Data Breach: Class Action Suit Filed on Behalf of Banking Institutions