Enough czars/frameworks: the Government finally using buying power to advance security?
Encryption : data as vaults : cash - necessary protection, laws can allow legitimate access.
2001 - 2003: - Windows vulnerabilities Windows enable worms
2012 - 2014: - Open Source vulnerabilities enable cybertheft
The Home Depot breach is the latest "largest ever," but it is really just another example of "you can pay me now, or you can pay me a lot more later" proving out once again as the details come out.
The root cause of the breach can be traced to Home Depot's failure to implement the first subcontrol under Critical Security Control 2:
Deploy application whitelisting technology that allows
systems to run software only if it is included on the whitelistand prevents execution of all other software on the system.
The whitelist may be very extensive (as is available from
commercial whitelist vendors), so that users are not
inconvenienced when using common software. Or, for some special-purpose systems (which require only
More browser security popups are as useful as more drug side-effect warnings.Google plans Chrome pop-ups for sites using SHA-1