The rapid increase of security breach has overshadowed most information security news lately. Recently, a spokesman for US Airways confirmed that some two-thirds of the airline’s pilots — 3,000 of its employees — were affected by the breach. “We take any claim of the breach of sensitive data very seriously,” the spokesman said.
Today’s revelations regarding information security breach reveals that information security is still penetrable at some of the world’s biggest, and most popular organizations. A lot of work still needs to be done to make it highly secured when it comes to managing confidential information.
The USAPA, a union that represents 5,200 US Airways pilots, publicly expressed its frustration with the airline’s handling of the case. The USAPA said the airline recently revealed that a management-level pilot leaked a database of US Airways pilot names, addresses, Social Security numbers, and possibly passport information to a third-party pilot group. The pilots of US Airways, expressed their outrage at the airline’s acknowledgement that its management personnel aided in unauthorized distribution of the highly confidential personal data of thousands of pilots.
USAPA is currently cooperating with a criminal investigation into this matter. Mike Cleary, president of USAPA. “Thousands of us have been exposed to identity theft that could impact us for the rest of our lives. Further, as the Federal Bureau of Investigation has yet to determine the extent of the breach, we are concerned about the security of all information provided to US Airways – including our families’ personal information.
US Airways collects personal information on US Airways employees’ family members and information from passengers, such as credit card data.” “In light of this breach, USAPA has concluded that US Airways cannot be trusted with confidential or sensitive information,” said Cleary. “The union is also extremely disappointed by the Company’s lack of aggressive action to address this issue, first denying that a significant breach had even occurred, then equivocating concerning the extent of that breach, all the while taking no remedial action against the Company personnel involved in the breach. Significantly, the Company has also failed to take steps to provide lifelong protection to the pilots directly affected and adequately address the potential national security issues for all of our pilots and passengers.”
In another case revolving unauthorized access, the UK government cancelled a highly lucrative contract last week because the company that won the contract illegally gained access to confidential information that allegedly gave it competitive advantage over other businesses bidding for the same contract. On this occasion it has resulted in a £6bn loss in revenue. This is a situation where going through a due and fair process is the best route to follow even if you loose the contract. The private consortium Soteria that had been named as preferred bidder for the £6bn contract, which was due to run by 2012 had gained access to commercially sensitive information according to the Ministry of Defense.
The UK military police are currently investigating how a former RAF officer now working with Soteria was able to gain access to commercially sensitive information and pass it on to his current employers. Information security іѕ a very іmрοrtаnt issue. Unauthorized access to information is considered as data breach, which affects individuals and business.
Information security professionals need to constantly seek to defend their information security network from risks and attacks, not only resulting from malwares, but also from unauthorized access from individuals. One way to mitigate internet security risks is with technical security training. EC-Council’s brand new TakeDownCon is a technical information security conference series, in addition to learning from some of the best security experts, TakeDownCon also offers highly sought after technical training courses, including the Certified Ethical Hacker (CEH) course, often touted as the world’s most comprehensive ethical hacking training program.
The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.
ABOUT EC-COUNCIL
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous ethical hacking training, the Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other technical security training programs offered in over 70 countries around the globe.
EC-Council has trained over 80,000 individuals and certified more than 38,000 security professionals. These certifications are recognized worldwide and have received endorsements from various government agencies including the US federal government, National Security Agency (NSA), Committee on National Security Systems (CNSS), US Army, FBI, Microsoft and CERTs (Computer Emergency Response Team) of various nations. TakeDownCon Dallas 2011, is one of the conferences of EC-Council’s Take Down information security conference series.
Article from articlesbase.com
Find More National Security Articles
