Jun 17, 2014

Security Fail: Back It Up!

By | June 17th, 2014|Security Awareness 101, Security Awareness Fails|

Recently a SAC employee was getting her daily dose of caffeine at a local coffee shop when she overheard a conversation of a man trying to help recover a woman’s computer. “The good news is your client information was on the server, so you should be able to access that [...]

May 30, 2014

Security Fail: Gift Card Fraud

By | May 30th, 2014|Security Awareness Fails|

A security breach is similar to a home invasion – no one thinks it will happen to them, until it does. Some are more prepared than others – installing alarm systems or purchasing guard dogs. But others? They just hope locking their doors is enough. And some don't lock their [...]

May 08, 2014

Chase & Reebok: An Epic Fail in Security Response

By | May 8th, 2014|Security Awareness Fails, Winn Schwartau|

I am extremely security aware. Almost to the point of paranoid... but certainly acutely aware of what can go wrrrroonnngggg. Just the other day, I was checking a credit card and noticed a charge from Reebok for $345. Huh? What's that? I called Reebok, who responded, "We have no way [...]

Sep 23, 2013

BYOD? Bring Your Own Doom

By | September 23rd, 2013|Ask The Experts, Security Awareness Fails, Winn Schwartau|

IT’s efforts to protect information security can cause other problems. Mimecast CEO Peter Bauer lost a whole gallery of irreplaceable family photos and other personal information thanks to a BYOD policy he helped create. His daughter tried to open his smartphone. She tried to guess the phone’s PIN, and after [...]

Jul 09, 2013

Chase Breach Part III – Lessons We Can Learn

By | July 9th, 2013|Security Awareness 101, Security Awareness Fails|

Lessons I Would Suggest Financial Services Industry Members Take to Heart and Practice: Please, please, please make sure your staff is properly trained to recognize and report security issues from customers. “I don’t know…” is completely unacceptable. You hopefully provide your employees with security awareness and training for the sake [...]

Jul 02, 2013

Chase Breach Part II: A Continued Failure

By | July 2nd, 2013|Security Awareness 101, Security Awareness Fails|

A couple of other customer service reps (from which internal departments, I do not know as I was shuffled,) were completely flummoxed by the words “possible data breach,” “potential security incident,” and similar terminology that should have made the Red Flags wave wildly. Only one person had any clue of [...]

Jul 01, 2013

Chase Breach Part I: A Story of Epic Fail in Security Reporting and Escalation

By | July 1st, 2013|Security Awareness 101, Security Awareness Fails|

My wife and I Refi’d our house with Chase in May. They provided exemplary service and their mortgage division customer retention program is nothing short of phenomenal. But the company’s security reporting and escalation system was such an epic failure I am hard pressed even to call it abysmal. It [...]

Jun 07, 2013

What About Bob? A Personal Data Leak Tale

By | June 7th, 2013|Security Awareness 101, Security Awareness Fails|

A colleague of ours shared this story with us.  Bob Singley was at home recuperating from a short, but necessary hospital stay. He was doing fine, but was taking various medicines which included some for pain that made him, in his wife Sheila’s words, “…a little loopier than usual.” Sheila [...]

Jun 04, 2013

iOS Devices Hacked in Under a Minute with Modified USB Charger

By | June 4th, 2013|Security Awareness 101, Security Awareness Fails|

A security team at Georgia Tech has found a way to "upload arbitrary" code to any iOS device without user interaction. This is done by using a modified USB charger, one that a victim would think is completely normal. However, the research is "not clear if the charger is able [...]

May 15, 2013

Security Awareness FAIL: #1

By | May 15th, 2013|Managing SA Programs, Security Awareness Fails|

Let me count the ways... I am 10000% confident, beyond any doubt, that security awareness can be an epic fail. Yet, if we can exploit to the devices we already have at our disposal, security awareness is a boon for any company's security efforts. But let's get back to how [...]

Load More Posts