Statement from Yubico CEO on Zappos.com Security Breach

“A security breach of the magnitude experienced by Zappos.com is a serious concern for any business that relies exclusively on Internet orders for sales,” said Stina Ehrensvard, CEO, Yubico, Palo Alto, California and Stockholm, Sweden, commenting on how hackers exposed 24 million client records in a security breach over the weekend.  “While it appears Zappos’ securely protected the database that housed credit card information, hardware security modules (HSMs) could have prevented the exposure of Zappos’ customer password data that were compromised from the organization’s servers in Kentucky.  The exposure of email addresses and password hashes of weak and duplicated passwords leaves customers exposed across potentially many sites.  The perception is HSM and related services are very expensive, but the cost and complexity for this needed technology has fallen dramatically to a few hundred dollars and the cost of not deploying it is very high as Zappos has shown.”

“Additionally, Zappos has reset and expired their customers passwords and is helping them choose new passwords.  We believe a better solution is the new breed of consumer-friendly one time passcode tokens that users can keep on their key chains to replace weak and duplicated passwords,” Ehrensvard continued.

October is National Cyber Security Awareness Month (NCSAM)

It’s October 1st! Today kicks off the Annual National Cyber Security Awareness Month to help increase awareness of the dangers that exist online and develop best practices to avoid being a victim of cybercrime. 

Established by the National Cyber Security Alliance (NCSA), a non-profit partnership of educational institutions, professional organizations, corporations and the Federal government. National Cyber Security Awareness Month (NCSAM), conducted every October since 2001, is a national public awareness campaign to encourage everyone to protect their computers and our nation’s critical cyber infrastructure.

Today’s evolving Web-based threats such as phishing attacks, spyware and identity theft are top concerns for businesses and consumers alike. By utilizing proper precautions such as multiple passwords, updated security patches, and software solutions - ex. web filtering, anti-virus, firewalls - users can build a strong defense against cyber crime. National Cyber Security Awareness Month reaches more millions of Americans through media, middle school and high school lesson plans, and partnerships with dozens of companies and associations.

The success of National Cyber Security Awareness Month rests everyone to engage in education and awareness activities. There are opportunities for everyone from home users to major corporations and government entities to get involved.

To view ways that you can get involved with NCSAM, please visit for tips -  http://www.staysafeonline.org/content/get-involved-0

Here are four tips for parents to help their children safely surf the web.

Place the computer in an open area of the home – computer time becomes a family activity. If the screen is easily visible, your children will be much more hesitant to do activities that can be considered questionable. 

Develop and discuss a set of rules for online activity – by thoroughly discussing what types of activities you feel are inappropriate for computer use, you children will already know what they should or should not do. Create a pledge with what activities they will or will not do and have them sign it. 

Pay attention to what your children are doing online – check the browsing and recent page accessed history, unfortunately, this activity be easily erased if your children know how. If that is the case, you may want to install web filtering and monitoring software. 

Educate yourself and share your knowledge – this could be the most important step. If you are aware of the dangers online (viruses, online predators, social media threats, etc.) you will be able to have educated discussions with your children about Internet safely and why they need to be careful with who they talk to and what information they share. 

What are you doing to support National Cyber Security Awareness Month?? spread the word and surf safely!