Judge Spares Former Uber CISO Jail Time Over 2016 Data Breach Charges
Tell other CISO's "you got a break," judge says in handing down a three-year probation sentence to Joseph Sullivan.
Jail-related security coverage examines how cybercrime investigations, prosecutions, and prison systems intersect with digital evidence and network security.
Search across headline titles and summaries.
Background for this topic.
Jail is a containment mechanism that restricts a process or user to a defined environment, such as selected files, system resources, processes, and network access. The term commonly describes operating-system features such as Unix-style filesystem jails, rather than a physical facility or a general-purpose virtual machine.
Jails limit the damage a compromised service or untrusted program can cause, but they are not automatically a complete security boundary. A vulnerable kernel or jail implementation, excessive privileges, exposed sockets, writable host paths, or incorrect resource and network rules can enable escape or access beyond the intended scope. Secure operation therefore requires least-privilege configuration, separation of sensitive data, patching the host and jailed software, and monitoring both the jail and its controlling interfaces. In vulnerability management and incident response, defenders should verify whether suspected activity remained confined and treat a jail escape as host-level compromise.
Tell other CISO's "you got a break," judge says in handing down a three-year probation sentence to Joseph Sullivan.
'The get-out-of-jail-free card option has been removed' as one expert put it Merck's insurers can't use an "act of war" clause to deny the pharmaceutical giant an enormous payout to clean up its NotPetya infection, a court has ruled.…