SECURITY BRIEFS
Breaches get more costly
Data breaches continue to become more expensive. Costs to companies weigh in at a hefty average of CDN$212 per compromised record. That’s a 30 per cent increase over the 2005 average cost of CDN$161, according to the Ponemon Institute’s 2006 Cost of Data Breach Study.
The study also revealed that data breach cost per incident is pegged at CDN$5.6 million and the average spending after an incident to prevent further breaches is CDN$210,000.
Bluetooth cracks exposed
German programmers have released two tools aimed at compromising Bluetooth devices at the Chaos Communications Congress in Berlin. Thierry Zoller, a security consultant, introduced BTCrack, which takes advantage of weak PINs in Bluetooth devices, allowing an attacker to listen in on a pairing session and gain access to both devices. Also introduced was the HID Attack, a proof-of-concept exploit for hijacking a Bluetooth keyboard using the Human Interface Device (HID) standard, said its developer, Collin Mulliner. However, there are practical obstacles that can make a Bluetooth attack difficult. For instance, not all HID hosts implement server mode, which is necessary for the attack, said Mulliner.
CISCO makes CDN$969M buy
Cisco Systems Inc. plans to buy IronPort Systems Inc. of San Bruno, Calif. for CDN$969 million in cash and stock. Cisco plans to use IronPort’s spam and messaging security technology as part of its Self-Defending Network framework, Cisco said in a statement. The deal is expected to close in the third quarter of Cisco’s fiscal year 2007, which ends in April. IronPort, founded in 2000, began as an anti-spam firm. Since then it has expanded into areas like anti-spyware, Web traffic content inspection, data encryption and compliance, making it more attractive to enterprise IT players such as Cisco, said Jon Oltsik, analyst at the Enterprise Strategy Group.