by Bruce Walker
In recent weeks, a large slate of company websites has been hacked. Earlier this month, Twitter confirmed that cyber attackers may have stolen more than a quarter of a million usernames and passwords. Following the infiltration, the microblogging social media juggernaut notified the users that were affected.
This week, multiple NBC websites were hacked by online infiltrators and had initiated drive-by attacks. On Monday, Microsoft joined Apple and Facebook on the list of companies that were hacked and infected with malicious software. There is no doubt in the minds of technology experts that this will transpire again.
StoptheHacker.com published interesting statistics in the United States and around the world last year that looked at cyber crimes and malevolent hacking. These are some of the facts:
- The Sony Playstation Network had to shut down operations for a few days because 77 million user accounts were compromised
- 73 percent of Americans have fallen prey to an instance of cyber crime
- In the past 12 months, 90 percent of businesses had suffered a computer hack
- About 30,000 websites, most of them small businesses, are infected each day
- Nine million identities have been stolen in the past year
“Our biggest issue right now is getting the private sector to a comfort level where they can report anomalies, malware, incidences within their networks,” said the new head of the FBI’s cyber crime effort, Executive Assistant Director Richard McFeely, in an interview with Reuters. “It has been very difficult with a lot of major companies to get them to cooperate fully.”
Security Innovation, an application security firm founded by Dr. James A. Whittaker, is hoping to innovate the Internet and technology security industry by identifying the root cause of majority of data breaches: insecure software applications.
The company employs three standards of a safe and secure Software Development Lifecycle (SDLC): standards, education and assessment. The experts ensure that each of these “pillars” feed into each other to establish an environment of repeatable and secure software expansion and operation.
Its standards and process lead to a need for education and understanding. The education aspect creates standards and assessments that are implemented correctly. Security Innovation’s assessments bring about solutions in standards, education and enhanced tools management.
Security Innovation maintains a series of products that give widespread understanding of security computer-based training courses, encryption toolkits, and trusted computing middleware. Its services are just as comprehensive because they include software security assessment, application risk management instruction, training and embedded system design.
On its website, it features a security lab for visitors that consists of webcasts, free online courses, resource tools, books and cryptography. Its blog also covers the latest cybersecurity news, analysis and trends.
The company has been so successful that Jason Taylor, Security Innovation Chief Technology Officer, was recognized as Microsoft’ Most Valuable Professionals (MVP) in the Developer Security category.
“Security Innovation has been conducting cutting-edge research in the field of application security for more than ten years and is continually developing, refining, and sharing this research with the community at large,” said Ed Adams, CEO, Security Innovation, in a press release. “Jason is at the core of many of these initiatives; he shares a true passion for secure software development. His willingness and desire to share his expertise with the technical community has undoubtedly helped thousands of individuals to understand how to reduce application security risk.”
For more than a decade, it has assisted in the security apparatuses for ING Direct, Moody’s, Royal Bank of Canada, Google, GoDaddy.com, Nike, the United States Court of Appeals, Zargis Medical, Experian and many more private companies and public agencies.