Forwarded from: Simon Taplin <simon (at) simontaplin.net> http://www.businessweek.com/articles/2012-04-03/fico-hacks-itself-to-prevent-cybercriminal-attacks By Sarah Frier Businessweek April 03, 2012 Vickie Miller is trying to break into FICO’s computer network, whose hundreds of servers store essential data for Visa (V), MasterCard (MA), and many other large corporations and banks. Don’t mistake this for hacking. Miller is the security director at FICO (FICO), the credit-scoring company. She’s using an approach to computer security called penetration testing, which lets her scour a digital map to find ways to break into her own company’s data before a cybercriminal can. “We knew we needed, as aggressively as possible, to be able to find our weaknesses and fix them before anybody else does,” Miller says. “We had been focused on defending and responding. I knew we could do better.” As the costs of data hacks surge—the average loss is $5.5 million—and information thieves become better-funded and more coordinated, FICO and companies from EBay (EBAY) to Peet’s Coffee & Tea (PEET) are expanding efforts to prevent attacks. They’re feeding a market for data-vulnerability management that may grow to almost $1 billion in 2016, from $400.5 million in 2011, according to consulting firm Frost & Sullivan. That benefits companies such as Core Security Technologies and Rapid7. By anticipating hacks, instead of just monitoring and reacting to suspicious activity, businesses are trying to avoid becoming the next Sony (SNE), where an attack compromised more than 100 million customer accounts last April in the second-largest online data breach in U.S. history. “Some of the mega-breaches are likely to become more common,” says Larry Ponemon, founder of the Ponemon Institute, a Washington-based privacy and data-protection research group. “The cybercriminal has more tools at their disposal.” [...] _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.orgReceived on Tue Apr 10 2012 - 22:34:02 PDT
This archive was generated by hypermail 2.2.0 : Tue Apr 10 2012 - 22:32:38 PDT