Microsoft in global partnerships to fight cyber crime
Redmond, Wash. — Microsoft Corp. announced three new global partnerships Wednesday with the Organization of American States, Europol and FIS to increase cooperation between international law enforcement and the private sector in combating cybercrime and helping build a safer Internet.
Microsoft officials signed memorandums of understanding with representatives of the three organizations during the company’s first annual Cybercrime Enforcement Summit, which brought together more than 60 leaders and experts from law enforcement, academia and the private sector to share legal and technical solutions to confront the global spread of cybercrime. The conference follows the opening last fall of the Microsoft Cybercrime Center, a state-of-the-art facility designed specifically to advance the global fight against cybercrime.
The agreements establish a framework for cooperation and are intended to spur collaboration and help Microsoft work with each of the three organizations to pursue criminal enterprises engaged in cyber crime. Microsoft, the OAS, Europol and FIS anticipate that the collaboration will enable them to strengthen their forensic and technical analysis of malware and botnets; assessment and investigation of emerging malware threats; enforcement actions against cybercriminals; and the ultimate dismantling of these criminal organizations.
"Cyber criminals are increasingly sophisticated in preying on consumers, including children and senior citizens," said Brad Smith, Microsoft executive VP and general counsel. "These agreements will help the private and public sectors fight cybercrime more effectively, while protecting our customers’ privacy."
The OAS was established in part to strengthen collaboration among its member states, which currently includes all 34 independent states of the Americas. OAS is committed to developing a culture of cyber security by taking effective, preventative measures to anticipate, address and respond to cyber attacks.
comScore names new CEO
Reston, Va. — comScore promoted president Serge Matta to the role of CEO as the digital measurement firm swung to a profit in the fourth quarter.
Matta fills the position occupied by Dr. Magid Abraham who, along with Gian Fulgoni, co-founded the company. Abraham will relinquish the CEO role and serve as executive chairman of the board of directors, assuming a position currently held by Fulgoni who will become chairman emeritus. All appointments are effective March 1.
"This announcement represents the culmination of a thoughtful, multi-year succession planning process, and the board is confident that this is the right time to elevate Serge to the CEO role," said Abraham. "The company delivered strong results in 2013, and we continue to enter into powerful partnerships that we expect to drive long-term growth and profitability, many of them conceived and driven by Serge. He has clearly demonstrated the strategic thinking, leadership ability, execution skills and client relationship skills to allow comScore to capitalize on the many exciting and transformative opportunities ahead of us. At the same time, I am excited to focus my energy and passion on driving innovation and product leadership."
Report: Most businesses fail to meet card security standards
New York – A new Verizon report has found that too many businesses, following their annual assessment for meeting the Payment Card Industry Data Security Standard, fail to maintain ongoing compliance – putting the businesses at an increased risk for data breaches, and financial and reputational damages.
The “Verizon 2014 PCI Compliance Report” indicates that payment card transactions remain a prime target for attackers, and the rate at which data breaches are occurring appears to be increasing. According to the report, in most cases, payment card data breaches are not a failure of security technology or of compliance with the Payment Card Industry Data Security Standard (PCI DSS), but rather a failure to implement appropriate compliance and security measures as intended.
However, organizations’ initial compliance with the PCI standard has shown some improvement. In 2013, more than 82% of organizations were compliant with at least 80% of the PCI standard at the time of their annual baseline assessment, compared with just 32% in 2012.
There were also regional differences due to breach notification laws, varying legal requirements and levels of adoption. The Asia-Pacific region took the top spot (75%), followed by the U.S. with 56% and Europe with 31% in meeting at least 80% of the PCI requirements.
Areas where businesses struggle the most in achieving initial compliance include: security testing (23.8%); security monitoring and the ability to effectively detect and respond to data compromised (17%); and protecting stored sensitive data (55.6%).
“We continue to see many organizations viewing PCI compliance as a single annual event, unaware that compliance needs to have a 365 day-a-year focus,” said Rodolphe Simonetti, managing director, PCI practice, Verizon Enterprise Solutions. “Anything less than 100% compliance is an issue for businesses today. We have seen time and time again that noncompliance leaves an organization open to credit card theft, which can potentially cost hundreds of millions of dollars when you factor in all the damages, not to mention lost consumer trust and the impact on brand reputation. Organizations need to rethink how they factor in maintaining a PCI-compliant environment, whether it’s devoting more resources or working with a managed security services provider.”