Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

FICO Hacks Itself to Prevent Cybercriminal Attacks

From: InfoSec News <alerts () infosecnews org>
Date: Wed, 11 Apr 2012 00:34:02 -0500 (CDT)
Forwarded from: Simon Taplin <simon (at) simontaplin.net>

http://www.businessweek.com/articles/2012-04-03/fico-hacks-itself-to-prevent-cybercriminal-attacks

By Sarah Frier
Businessweek
April 03, 2012
Vickie Miller is trying to break into FICO’s computer network, whose hundreds of servers store essential data for Visa (V), MasterCard (MA), and many other large corporations and banks.
Don’t mistake this for hacking. Miller is the security director at FICO (FICO), the credit-scoring company. She’s using an approach to computer security called penetration testing, which lets her scour a digital map to find ways to break into her own company’s data before a cybercriminal can. “We knew we needed, as aggressively as possible, to be able to find our weaknesses and fix them before anybody else does,” Miller says. “We had been focused on defending and responding. I knew we could do better.”
As the costs of data hacks surge—the average loss is $5.5 million—and information thieves become better-funded and more coordinated, FICO and companies from EBay (EBAY) to Peet’s Coffee & Tea (PEET) are expanding efforts to prevent attacks. They’re feeding a market for data-vulnerability management that may grow to almost $1 billion in 2016, from $400.5 million in 2011, according to consulting firm Frost & Sullivan. That benefits companies such as Core Security Technologies and Rapid7.
By anticipating hacks, instead of just monitoring and reacting to suspicious activity, businesses are trying to avoid becoming the next Sony (SNE), where an attack compromised more than 100 million customer accounts last April in the second-largest online data breach in U.S. history. “Some of the mega-breaches are likely to become more common,” says Larry Ponemon, founder of the Ponemon Institute, a Washington-based privacy and data-protection research group. “The cybercriminal has more tools at their disposal.” 

[...]


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org
Previous By Date Next
Previous By Thread Next

Current thread: