
Lindsey Stone – Apology Posted for Actions at Tomb of Unknowns November 21, 2012

Posted by Chris Mark in Uncategorized.

UPDATE: Lindsey Stone and her friend published the following apology.

“We sincerely apologize for all the pain we have caused by posting the picture we took in Washington DC on Facebook. While posted on a public forum, the picture was intended only for our own amusement. We never meant any disrespect to any of the people nationwide who have served this country and defended our freedom so valiantly. It was meant merely as a visual pun, intending to depict the exact opposite of what the sign said, and had absolutely nothing to do with the location it was taken or the people represented there. We never meant to cause any harm or disrespect to anyone, particularly our men and women in uniform. We realize it was in incredibly poor taste, and are deeply sorry for the offense we have caused.

We also sincerely apologize to LIFE, Inc. It is an amazing organization that provides invaluable services to adults with learning and developmental disabilities. We are beyond remorseful that our actions have caused them such undue public scrutiny. The disrespect implied by our picture has nothing at all to do with LIFE’s mission statement or values. We regret having caused any suffering to the staff members, residents, families and friends.

Again, we very sincerely apologize to everyone who took offense to the photo. We realize that it was an ignorant and distasteful thing for us to do, but we truly meant no harm. We are deeply sorry.”

Lindsey Stone – Disrespecting the Tomb of the Unknowns November 20, 2012

Posted by Chris Mark in Uncategorized.

Forgive this rant on this blog. Several months ago, a person posted a video mocking Islam and it created issues that resulted in riots. Yesterday we have a young woman named Lindsey Stone who works for LifeCapeCod posting a picture on the Internet of her disrespecting the Tomb of the Unknowns. When taken to task for the posting, her response was what one would expect of a self-described “douchebag” (her words…not mine). Here is her response. “Whoa, whoa, whoa…wait.  This is just us being the douchebags that we are, challenging authority in general. Much like the pic posted the night before, of me smoking right next to a no smoking sign. OBVIOUSLY we meant NO disrespect to people that serve or have served our country.” I find it particularly interesting that she is willing to act in such a disrespectful manner and then, when caught, disavow her behavior. Protest is a great part of our country’s history. Disrespectful, offensive behavior in front of memorials is deplorable. Not only did Lindsey Stone disrespect a memorial, she chose the one memorial dedicated to those brave men and women who were not identified and in turn whose own families have not had a chance to properly mourn their loved ones. The Tomb of the Unknowns is a sacred memorial for those who have paid the ultimate price. It is offensive for Ms. Stone to equate her behavior to that of “smoking next to a non smoking sign.” She should be ashamed and her parents and friends should be ashamed.

“Here Rests In Honored Glory an American Soldier Known But To God.”

Chris in October 2012 Issue of PenTest Magazine October 30, 2012

Posted by Chris Mark in Uncategorized.

Check out the October 2012 issue of PenTest Magazine for tons of valuable information on the PCI DSS and how Pen Testing can be used to support compliance and validation. I have an article in the magazine titled “Introduction to PCI DSS for the PenTester.” You need to register as a user or subscribe to access the articles.

“Boo!” – October 2012 issue of TransactionWorld October 30, 2012

Posted by Chris Mark in Uncategorized.

I (Chris) am finally back in the US after traveling for the past two months.  If you haven’t had a chance yet, please check out October’s issue of TransactionWorld and read articles by Chris Mark (Security Economics) and Heather Mark (Portable Security).  If you don’t subscribe to TW, you should check it out.  Everything you could want to know about payments. (well..not everything but quite a bit).

Beating an Old Drum October 27, 2012

Posted by Heather Mark in cybersecurity, Data Breach, Industry News, InfoSec & Privacy.

It’s the end of what has already been a tough year for data security. And the news just got worse. South Carolina has announced that its Department of Revenue suffered a major breach. The breach is so massive, in fact, that more than 75% of the state’s residents have been affected. The compromised data consisted of the (unencrypted) social security numbers of more than 3.6 million residents. Also included in the breach were about 390,000 payment cards. Most of those were encrypted, though.

This is disturbing on a number of levels. I find it curious, for example, that while encryption was deployed, it was only deployed on payment cards (and not even on all of those). Consumers have built-in protections on payment cards. As long as those cards are branded by one of the major card brands, consumers are protected against liability for fraudulent transactions. The far more sensitive data, the social security numbers, were not encrypted, though. This defies logic. Consumers have little to no protection against misuse of SSNs. Not only can very real financial damage be done, consumers have to spend enormous resources (time, money, emotions) in untangling the identity theft knot that comes with stolen SSNs.

Secondly, in the wake of the breach, Governor Nikki Haley issued an executive order that read: “I hereby direct all cabinet agencies to immediately designate an information technology officer to cooperate with the State Inspector General who is authorized to make recommendations to improve information security policies and procedures in state agencies.” WHAT? If I’m inferring correctly, it seems that these agencies didn’t have an information technology officer already?? That is very troubling, particularly considering the types of data that state agencies hold. After 3.6 million (out of about 4.7 million) residents have had their sensitive data stolen is not a great time to decide that data security and privacy should become a priority.

Private sector organizations have been working for years to shore up their data security, and in some cases (PCI DSS, HIPAA/HITECH, GLBA, SOX, state laws) face real consequences for failure to protect that data.  It’s long past time states put forth the same level of protection.  On the plus side, the state did comply nicely with its own data breach notification law.