SaaS May Prevent Cybercrime
Cybersecurity Secure collaboration

Crime Scene A new 2010 comprehensive report on data breaches by Verizon and the US Secret Service shows that most of the breaches occurred on internally located and managed systems.  Many of these are database and application servers.  The report says that based on their data and analysis they cannot conclude if using cloud computing and SaaS makes it less likely that a data breach will occur.  This is clearly an area that requires more study.

Most of the hacking and cybercrime target systems that are worth money and easy to access.  Large institutions are not the only ones at risk.  That may be the largest payoff, but larger institutions tend to have more money and personnel to throw at the problem.  Some smaller organizations may not have the staff or technical expertise to shore up their systems.  This makes them vulnerable.

Congress Gets into the Cybersecurity Game

Yesterday the US House of Representatives passed the Cybersecurity Enhancement Act of 2009 which provides for major funding for security on the Internet.  This is in reaction to the The Cyberspace Policy Review done by President Obama last year which showed major vulnerabilities in the US computing infrastructure.  
This is a great step toward acknowledging major threats toward people and property and finally putting some money toward resolving them.  The bill would give the National Science Foundation money for research and require the National Institute of Standards and Technology (NIST) to work with other standards groups to develop internationally accepted standards and for leading public awareness campaigns.  It also talks about federal agencies conducting detailed assessments of their risks and developing plans for addressing them.