Data Classification and Controls Policy for PCI DSS

Do you run an e-commerce site? Are you sure you do not store any payment card data or PII (personally identifiable information) in some MySQL database? The first step in protecting credit card and customer data is to know what sensitive data you really store, classify what you have and set up the appropriate security […]

The connection between porn, fraud and data breaches

Are organizations with higher exposure to online porn and gambling more likely to have a higher incidence of data breach incidents? On the heels of recent Israeli credit card breach incidents, the reports of suspected fraud and money laundering at ICC CAL are bad timing at the very least for Israeli security and compliance. Last […]

Ten steps to protecting your organization’s data

Here are 10 steps to protecting your organization’s privacy data and intellectual property. As a preface, begin with the understanding that you already have all the resources you need. Discussions with colleagues in a large forensics accounting firm that specializes in anti-fraud investigations, money laundering and anti-terror funding (ATF) confirm what I’ve suspected for a […]

Economic crime vulnerabilities

The key vulnerabilities of a business to fraud and data loss are rooted in the four sins of hubris: thinking, looking, fighting and denying. Hubris is defined as excessive pride or self-confidence, starting with the thought that fraud and data theft won’t happen to you. Most firms look in the wrong direction, by focussing on external […]

UK gets serious in the war on corruption

David Benyon from Op Risk and Compliance magazine reports: A new bribery and corruption legislation will be put before the UK parliament. Doing business using bribery would mean jail for a decade under the bill. “The new Bribery Bill will make it far easier for companies and senior management to be prosecuted where bribes have […]

Gaming the ratings

A common vulnerability in online ecommerce sites is fraudulent manipulation of user profiles in order to boost the ratings of products in online recommender systems and overall reputation of the web site. This article, Unsupervised Retrieval of Attack Profiles in Collaborative Recommender Systems, casts this problem as a problem of detecting anomalous structure in […]

Mafia country, counterfeiting currency

Back in the late 70s, when I was a grad student in physics, I gave a paper in Pisa and then in Bari. The differences between Pisa and Bari were very clear – Pisa – Northern Italy, very European and industrialized, Bari, South of Italy, very agricultural and very Mediterranean – the one thing that […]