SMBs underestimate cybercrime risks

Posted by Robb Beggs on 08/12 at 02:44 PM

A survey by McAfee indicates that smaller organizations in North America believe they can fly under the radar of today’s cyber crooks.
The latest survey from security vendor McAfee has found that small to medium-size businesses in North America and Europe wrongly conclude their revenue is too low to draw the attention of cybercriminals. … In the U.S., 39 per cent of businesses with up to 1,000 employees reported spending an hour or less a week on IT security. The figure is higher for Canadian businesses: 44 per cent. Part of the problem is that attention to security takes time, and SMBs have fewer resources. … [Full article online at: ]http://www.itbusiness.ca/it/client/en/home/News.asp?id=49467&PageMem=1]

(0) Comments • Permalink

Call for Papers - 10th Annual Privacy and Security Conference (Victoria, BC)

Posted by Robb Beggs on 08/08 at 10:47 AM

The Annual Privacy and Security Conference and Exposition has become a leading event in North America for those working in the information privacy and security fields. Held in beautiful Victoria, British Columbia, Canada, the two-day conference draws an international audience of some 1,200 delegates with an interest in cutting edge policy, programs, research and technologies aimed at the protection of privacy and securityCALL FOR PAPERS
10th Annual Privacy and Security Conference
Victoria, British Columbia, Canada
February 3 & 4, 2009

The Annual Privacy and Security Conference and Exposition has become a leading event in North America for those working in the information privacy and security fields. Held in beautiful Victoria, British Columbia, Canada, the two-day conference draws an international audience of some 1,200 delegates with an interest in cutting edge policy, programs, research and technologies aimed at the protection of privacy and security.

Hosted by the Province of British Columbia, along with its partners and sponsors, the Annual Privacy and Security Conference is renowned for its outstanding content, world class experts and excellent peer to peer networking opportunities with industry and government leaders.

The Privacy and Security Conference Committee is pleased to extend an invitation to those working within the broad privacy and security communities to submit papers on their area of expertise. Of particular interest are briefs on cutting-edge subjects and themes suitable for presentation in either a larger presentation format or as part of a panel discussion.

This is the 10th anniversary of this high profile policy and technology conference, and the first year that the Committee has issued a Call for Papers. Up to now, the Committee invited potential speakers from the various fields within the privacy and security arenas. The Committee has decided to broaden their scope by issuing this Call and offering this opportunity to a wider audience.

Date: February 3 & 4, 2009
Location: Victoria Conference Centre, Victoria, BC, Canada
Theme: Life in a Digital Fishbowl – A Struggle for Survival or a Sea of Opportunity?

Details:
The Privacy and Security Conference Committee seeks submissions that represent policy, programs, research and technologies on the Theme of “Life in a Digital Fishbowl”. The Committee will be selecting the papers and issuing the invitations to selected speakers. The intellectual property rights of those submitting papers for review will be respected throughout the process.

Deadline:
All entries must be received by midnight of August 15, 2008. Invited speakers will be notified by September 12, 2008.

Submissions:
Submissions will be accepted electronically at: http://rebootconference.com/privacy2009/callforpapersform.php
Please provide the following information:

Name of speaker
Title
Organization
Phone number
E-mail Address
Expertise Level: (Executive, Management, Analyst)
General Theme (see below)
Topic (25 words or less)
Abstract (250 words or less)
Bio (200 words or less)
2009 Conference Suggested Topics (not exhaustive):

Security Topics

New Issues with Social Networking
VOIP
Security in Web 2.0/3.0
Forensics
Artificial Intelligence
Profiling and Security
Security in Cloud Computing
On-Line Government Services – Communication and Collaboration Tools
Privacy Topics:

Data Mining
Privacy of Wireless Health Records/ Medical ID theft or fraud
Privacy, Free Speech and Censorship on the web
Fusion Centers
Deep Packet Inspection
DNA databases, bio banks and genetic testing
Citizen Journalism and Digital Media Tools
Laptop Privacy and Border Searches
Blackberries and Encrypting email: Privacy protections and Terrorist Concerns Workplace Surveillance
Presentation Types:

Issue papers: An executive or management briefing on a prominent issue or aspect of information privacy or security.
Case studies: Descriptions of a given information privacy or security situation or incident, or research results. Names of organizations can be kept anonymous to maintain confidentiality if necessary.
New technology research: Results or developments in cutting edge research on new information privacy and security technologies.
Sociological/ Philosophical perspective: A candid and/or introspective look at the impacts of new technological developments on privacy, security, social consciousness, or social functioning.
Papers in the above categories may be selected for a 45 minute to one hour presentation in a focused workshop format, or a 15 to 20 minute oral presentation on a specified panel session at the conference.

Have Questions or Need More Information?

For conference content, theme and agenda questions, please contact: For venue and conference administration questions, please contact: Reboot Communications Ltd. at 1-604-530-0872, or
For sponsorship questions, please contact Reboot Communications Ltd. at 1-866-388-6060 or
Submissions will only be accepted electronically at: http://rebootconference.com/privacy2009/callforpapersform.php

(0) Comments • Permalink

Four in 10 companies don’t enforce security: survey

Only 59 per cent of Canadian companies enforce their IT security. Nearly one-quarter of respondents to a recent survey on IT security said their policies were not enforced in an acceptable way. The survey of 300 organizations, conducted by both Telus Corp. and the University of Toronto’s Rotman school of Management, the Rotman-Telus Joint Study on Canadian IT Security Practices, was released Monday. Of the private companies surveyed, respondents lost an average of $294,000 to cyber crime, while the average publicly-traded firm lost $637,000 per year. Government organizations lost an average of $320,000. Greg Meckbach of ComputerWorld Canada (28 Jul 2008), recently report that a study released this week by Telus and the Rotman School of Management found only 59 per cent of Canadian companies enforce their IT security. Nearly one-quarter of respondents to a recent survey on IT security said their policies were not enforced in an acceptable way. The survey of 300 organizations, conducted by both Telus Corp. and the University of Toronto’s Rotman school of Management, the Rotman-Telus Joint Study on Canadian IT Security Practices, was released Monday. Of the private companies surveyed, respondents lost an average of $294,000 to cyber crime, while the average publicly-traded firm lost $637,000 per year. Government organizations lost an average of $320,000. Read the complete story at: http://www.itworldcanada.com/Pages/Docbase/ViewArticle.aspx?id=idgml-4185db56-cb72-4b38&Portal=448d158c-d857-4785-b759-ffa1c005933c&sub=267369

(0) Comments • Permalink

New coalition wants to go Batman on cybercrime

Posted by Robb Beggs on 07/23 at 11:15 AM

With support from Bell Canada, the Competition Bureau of Canada, Concordia University, Rogers Communications and Microsoft Canada, the National Cyber Forensics Training Alliance Canada (NCFTA Canada) has been established to fight cybercrime activities in Canada such as phishing attacks, botnets, and identity theft. The alliance will undertake research and development projects in order to define cyber criminal prevention methods as well as develop counter-measures to these emerging threatsWith financial support from the likes of Bell, Rogers and Microsoft, the newly formed NCFTA hopes to boost cybercrime research and development in Canada. A well-known U.S.-based anti-cybercrime advocacy group is launching a new Canadian chapter with help from some of the country’s biggest corporate giants. With support from Bell Canada, the Competition Bureau of Canada, Concordia University, Rogers Communications and Microsoft Canada, the National Cyber Forensics Training Alliance Canada (NCFTA Canada) has been established to fight cybercrime activities in Canada such as phishing attacks, botnets, and identity theft. The alliance will undertake research and development projects in order to define cyber criminal prevention methods as well as develop counter-measures to these emerging threats.

Like the established NCFTA organization in the U.S., the Canadian alliance said they will look to bring together law enforcement agencies, businesses and academic institutions to collaborate on cybercrime prevention measures. Read the complete article at: http://www.itworldcanada.com/Pages/Docbase/ViewArticle.aspx?id=idgml-923cea01-399a-4c30&Portal=448d158c-d857-4785-b759-ffa1c005933c&sub=267369

(0) Comments • Permalink

Recon 2008 (13-15 June 2008, Montreal)

Posted by Robb Beggs on 06/02 at 09:08 AM

RECON is a computer security conference being held in Montreal. The conference offers a single track of presentations, mostly dealing with advanced reverse engineering topics, over the span of three days.

RECON is the most technical security conference offered in Canada. Over the three days, speakers will cover topics such as: building plugins for IDA Pro, how I learned reverse engineering with Storm, applied reverse engineering on OS X, methods for analyzing malicious Office documents, Windows privilege escalation through LPC and ALPC interfaces, torwards an embellished macro descriptive language for reverse assembly code, bypassing security protections by backdooring libc, and much more! For additional information, check out recon.cx

(0) Comments • Permalink

1st Annual Cyber Security Conference, Calgary - Call for Papers

Posted by Robb Beggs on 05/23 at 11:48 AM

The 1st Annual Cyber Security Conference has been confirmed for September 8-9th, 2008 in Calgary Alberta. The focus of this year’s inaugural event will be Critical Infrastructure Protection Conference for Energy and Communications.

Focussing on Cyber Security for Energy, Utilities and Telecommunications, this conference will look at understanding the threats and hazards that the industry faces, and will explore solutions with respect to mitigation, response, recovery and private/public partnerships. Delegates will enjoy fantastic networking opportunities and hear internationally acclaimed subject matter experts. The private sector will also be showcasing their newest innovations and cutting edge technologies in cyber security, through the conference exhibition and interactive solution sessions.

Original papers on all aspects of cyber security and critical infrastructure protection for energy and telecommunications are solicited for submission. This call for papers will be open until June 30th, 2008. Full details and on-line submission forms can be found at: http://www.rebootconference.com/security2008

(0) Comments • Permalink

West Coast Security Forum, WCSF 2008 - Call for Papers

The 11th International West Coast Security Forum will be held at the Hyatt Regency Hotel in Vancouver, B.C. December 1-2, 2008. Original papers on all aspects of information security are solicited for submission. This call for papers will be open until June 30th, 2008.

“The Threat of Cyber Crime and Cyber Terrorism”
It’s a dangerous world we live in and each passing day, some new threat seems to appear. The terms cyber terrorism, information warfare and cyber crime seem to get used quite a bit in today’s media. Whether it’s hackers in Estonia conducting a massive distributed denial of service attack on their nation’s systems for revenge, the CIA reporting that hackers breached power grids Africa for extortion, a bot-net herder renting out your family’s PC for a denial-of-service attack, or a disgruntled job-applicant in Australia who hacked into a sewage treatment plant and reversed the flow into public parks, streams and the backyard of a prestigious hotel, no one can deny these events happen. There are countless more examples that support this assertion. Of course, invoking the word “terrorism” either inspires eye-rolling or flag-waving among many with little middle ground left for serious consideration. Unfortunately, these issues are very real and can affect even small and mid-s! ize businesses.

But can these things happen to your organization? In varying degrees, cyber crime and cyber terrorism or information warfare can easily affect you. In the end, motive – politics, profit, revenge, etc. – is the only difference between the three, but the impact on you occurs regardless. Why would anyone attack your company? What are the means and motives of these criminals? What can you do to protect yourself and your organization? All these questions and more will be answered by the collection of professionals and experts at this year’s International West Coast Security Forum.

For information on submitting papers, contact: http://www.rebootconference.com/wcsf2008

(0) Comments • Permalink

New book launched to help businesses comply with privacy law

The Office of the Privacy Commissioner of Canada (OPC) today launched a new book to help businesses comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), the federal private sector privacy lawThe Office of the Privacy Commissioner of Canada (OPC) today launched a new book to help businesses comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), the federal private sector privacy law. Leading by Example: Key Developments in the First Seven Years of PIPEDA was unveiled at a three-day summit organized by the International Association of Privacy Professionals.

Leading by Example shares insights gained since PIPEDA came into force in 2000 by highlighting some of the leading case findings on a number of important issues, including emerging technologies, data breaches and security measures.

“Hundreds of our findings and numerous judicial decisions together form an essential body of recommendations and case law,” says Assistant Commissioner Elizabeth Denham. “This new tool will help businesses comply with PIPEDA and improve their privacy practices.”

Leading by Example, as well as case summaries of some of the Commissioner’s findings, are available online at http://www.privcom.gc.ca.

The Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman, advocate and guardian of privacy and the protection of personal information rights of Canadians.

(0) Comments • Permalink

Welcome to the New Digital Defence!

Posted by Mark on 03/25 at 01:30 PM

DigitalDefence releases new website! Welcome to the new DigitalDefence website! Take a look at the new features, including:

• Service delivery is now built around our 2 core specialties – ASSESS, to prevent an attack; and RESPOND, to help you survive an attack
• New service: our PCI Pre-Audit prepares you to meet the certification required to handle credit card transactions
• New service: the PathFinder Audit is the fastest, most effective way to identify the gaps between your present security posture, and where you want to be
• The 3-day malware analysis course has been updated
• Blog, news items, and a Tumbleblog of Canadian Information Security news items – all available by RSS feed
• Calendar events are easier to find (feel free to contribute events as well)
• Easier navigation across the site

Contact Us, and let us know what you think!

(0) Comments • Permalink