Information security was perhaps the top news item of 2009. We spent a lot of time talking about it--in all its forms. The issue is multi-faceted and getting more complex by the minute. Reuters offers an interesting commentary on the biggest blunders of the year. The top blunder of course was committed by Heartland Payment Systems. And the company paid for it. The firm had 31 separate lawsuits filed against it as a result of the breach; about 700 banks announced losses as a result of the Heartland breach. We're still seeing settlements on this. But the gaffe also led the firm to redouble its efforts at spearheading an encryption standard.

For every big breach there were tons of little ones, including one committed by an Ohio man who sent spyware to his girlfriend, apparently thinking she would view the email at home. Instead, she viewed it at work, unwittingly installing the spyware on her office computer. He ended up receiving sensitive medical data from a hospital on his computer; he got five years in prison. And then there's StrongWebmail, a hosted email provider that foolishly offered a $10,000 prize to anyone who could hack into their CEO's mailbox. They lost the bet.

For more:
- Here's the Reuters article

Related Articles:
Lawsuit against Heartland updated
Heartland's encryption program underway
Breach info sharing gets underway
PCI sets wireless security guidelines
Fraud management and PCI