Former Anonymous member “SparkyBlaze” advises companies on how to avoid massive data breaches.
InformationWeek, By Mathew J. Schwartz, August 31, 2011
Want to avoid large-scale data breaches of the type served up by hacking group Anonymous, and its LulzSec and AntiSec offshoots? Start by paying attention to the security basics, including hiring good people and training employees to be security-savvy. “Information security is a mess. … Companies don’t want to spend the time/money on computer security because they don’t think it matters,” said ex-Anonymous hacker “SparkyBlaze,” in an exclusive interview with Cisco’s Jason Lackey, published on Cisco’s website Tuesday. Traditionally, IT works in a break-fix mode within operational silos. Discover the benefits of a holistic approach to IT management. Accordingly, what’s the best way for businesses to improve the effectiveness of their information security efforts? SparkyBlaze offered 14 tips, ranging from using “defense-in-depth” and “a strict information security policy”; regularly contracting with an outside firm to audit corporate security; and hiring system administrators “who understand security.” Also encrypt data–“something like AE-256,” he said–and “keep an eye on what information you are letting out into the public domain.” http://www.informationweek.com/news/security/intrusion-prevention/231600561