WHITE PAPER | May 16, 2010
Did HITECH Heal Patient Data Hemorrhages?
In collaboration with:
The Extended Enterprise (suppliers, third-parties, remote employees) of healthcare providers often include many technically unsophisticated partners who are more likely to expose information. Thus tracking and stopping medical data hemorrhages is more complex and possibly harder to control given the fragmented nature of the U.S. healthcare system. However, efforts to move sensitive information out of ad-hoc spreadsheets and into better-managed EHR, as well as, proactively monitoring internet-based networks for exposure will reduce the inadvertent disclosures documented in this paper.
Takeaways
- 5 Major Breaches Detected in Two-Week Period: 28,000 Individuals Exposed
- Exposed Healthcare Data Fuels ID Theft and Medical Fraud
- Demand is Very Real: File-Sharing Users Employing Highly-Targeted Searches
WHITE PAPER | March 3, 2009
Data Hemorrhages in the Health-Care Sector
In collaboration with:
This paper examines the consequences of data hemorrhages including privacy violations, medical fraud, financial identity theft, and medical identity theft.
Also examined are the types and sources of data hemorrhages through an analysis of leaked files. The security risk for a group of health-care organizations is characterized using a direct analysis of leaked files that contain highly sensitive medical and personal information that could be maliciously exploited by criminals seeking to commit medical and financial identity theft. Also presented is evidence of the threat by examining user-issued searches. This analysis demonstrates both the substantial threat and vulnerability for the health-care sector and the unique complexity exhibited by the US health-care system.
Takeaways
- Gain an understanding of the breadth and enormity of inadvertent exposure risk
- Examine concrete evidence and actual law enforcement cases
- Learn how your organization can mitigate current risk and prevent future breaches
- Learn what today’s threat landscape looks like and how is it shaping the future of data criticality, security and protection?
- Review types and sources of data hemorrhages through an analysis of leaked files
- Discover new trends in cyber crime using a direct analysis of leaked files that contain highly sensitive medical and personal information that could be maliciously exploited by criminals seeking to commit medical and financial identity theft
research | May 28, 2009
Tiversa Identifies Over 13 Million Breached Internet Files in the Past Twelve Months
The research is based on data in an ongoing study by Tiversa, whose patented technology monitors roughly 450 million users issuing more than 1.5 billion searches a day. The files analyzed included only those identified on behalf of Tiversa’s existing customer base during the 12 month period. It’s also important to note that the referenced files are business documents only (.doc, .xls, .pdf, .pst, etc). Music, software and movie files (.avi, .mov, .wma, .mpeg4, .mp3, etc) were not included in the study. |
|
WHITE PAPER | April 21, 2009
The Ignored Crisis in Data
Security: P2P File Sharing
In collaboration with:
Sponsored by Tiversa, Ponemon Institute conducted this study to better understand the level of awareness among IT security practitioners about the risks posed by P2P file-sharing applications that reside on workplace,
remote and home computers. What was learned is that IT security practitioners seem to be only partially aware of or underestimate the risk, despite high profile cases that have illustrated the impact of disclosing even one file. It is also difficult to understand why this crisis goes ignored when 76% of IT security practitioners in our study admit that their organization breach involving the loss or theft of confidential information over the Internet. .
WHITE PAPER | March 3, 2009
Inadvertent Disclosure - Information
Leaks in the Extended Enterprise
In collaboration with:
Inadvertent disclosure of sensitive business information represents one the largest classes of recent security breaches. We examine a specific instance of this problem – inadvertent disclosures through peer-to-peer file sharing networks. We characterize the extent of the security problem for a group of large financial institutions using a direct analysis of leaked documents. We also characterize the threat of loss by examining search patterns in peer-to-peer networks. Our analysis demonstrates both a substantial threat and vulnerability for large financial firms. We find a statistically significant link between leakage and firm employment base.
WHITE PAPER | March 3, 2009
The Security Risks of Peer-to-
Peer File Sharing Networks
In collaboration with:
Peer-to-peer file sharing is a growing security risk for firms and individuals. Users who participate in these networks to share music, pictures, and video are subject to many security risks including inadvertent publishing of
private information, exposure to viruses and worms, and the consequences of spyware. In this paper, we examine the peer-to-peer file sharing phenomena,
including an overview of the industry, its business models, and evolution. We describe the information security risks users’ face including personal identification disclosure and leakage of proprietary business information. We illustrate those risks through simple honey-pot experiments.
|
