Richard Bejtlich reports on a story that appeared in the Washington Times last week, "Apptis Inc., a military information technology provider, repaid $1.3 million of a $5.4 million Pentagon contract after investigators said the company provided inadequate computer security and a subcontractors system was hacked from an Internet address in China..."
As Richard said, this may be a first. When is this going to happen in the commercial market?Search
Categories
- Advanced Persistent Threat (APT)
- Application Security
- Authentication
- Books
- Botnets
- Breaches
- Compliance
- Cyberwar
- Data Loss Prevention
- Database Activity Monitoring
- Disk Encryption
- Funds Transfer Fraud
- Health Care
- HIPAA
- Identity Theft
- Innovation
- IT Security 2.0
- Legal
- Log Management
- Malware
- Network Security
- Next Generation Firewalls
- Phishing
- Privacy
- Research
- Risk Management
- Secure Browsing
- Security Information and Event Management (SIEM)
- Security Management
- Security Policy
- Security/Compliance Portfolio Management
- Social Engineering
- Steganography
- Theory vs. Practice
- Top Stories
- Trade Secrets Theft
- User Activity Monitoring
- Vendor Liability
- Voice over Internet Protocol
- Web 2.0 Network Firewalls
- Web Application Firewalls
« New rootkit presented at Black Hat | Main | LoJack-For-Laptops creates rootkit-like BIOS vulnerability »
Monday, 03 August 2009
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01157148a11a970c011572547ced970b
Listed below are links to weblogs that reference Vendor "fined" by customer for lax security that resulted in an incident:
The comments to this entry are closed.
Recent Posts
- HoneyBot - Automated IRC Social Engineering
- The End of Malware? Hardly.
- Massive iPhone Security Issue
- Tabnabbing - a new variation on phishing
- Identity theft the old-fashioned way
- Heartland settles with MasterCard for $41 million
- LifeLock's CEO's Identity Stolen 13 Times - Who's fault?
- Heartland breach expenses reach $139 million - so far
- Simplistic attacks still work some of the time
- New attack bypasses all tested anti-virus products
My Favorite Books on Risk and IT Security
Peter L. Bernstein: Against the Gods: The Remarkable Story of Risk
Bruce Schneier: Beyond Fear: Thinking Sensibly About Security in an Uncertain World.
George Westerman: IT Risk: Turning Business Threats into Competitive Advantage
David Apgar: Risk Intelligence: Learning to Manage What We Don't Know
Bruce Schneier: Secrets and Lies: Digital Security in a Networked World
Andrew Jaquith: Security Metrics: Replacing Fear, Uncertainty, and Doubt
Nassim Nicholas Taleb: The Black Swan: The Impact of the Highly Improbable
Douglas W. Hubbard: The Failure of Risk Management: Why It's Broken and How to Fix It
Clayton M. Christensen: The Innovator's Prescription: A Disruptive Solution for Health Care
Benoit Mandelbrot: The Misbehavior of Markets: A Fractal View of Financial Turbulence
Comments