A roundup of this week's top news: Hackers target RSA's SecurID products. Also, Japan's nuclear crisis: What do you need to know? Plus: New Health Net breach may be biggest ever.
"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
The announcement by RSA that it had been a victim of an advanced persistent threat shook the global information security industry. Stephen Northcutt of SANS Institute and David Navetta of the Information Law Group offer insight on what happened, what it means and how to respond.
"Almost everyone has a firewall and is using it; it's just not necessarily a relevant defense against the way people are actually being attacked," says Josh Corman, research director of enterprise security at security consultancy The 451 Group.
"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
All organizations - including federal agencies - must leverage technologies that exist today to secure online transaction systems for E-Gov. Until now, fragmented silos of security technologies have been used to protect individual applications, data, or users. In a world of Webconnected smart phones and interactive...
Australia's government agencies can learn a lot from the nation's banks, when it comes to risk management and protecting privacy, says Graham Ingram, General Manager of the Australian Computer Emergency Response Team. "There are too many people in government organisations who are in denial [of risks]," he says.
Adequate funding for privacy and security measures is essential to the success of sharing electronic health records to improve the quality of care, says William Braithwaite, M.D., Ph.D.
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Virtually every company has protection against email-based viruses and spam. But what about protection of email? Unsecured email travels across the Internet as plain test and can reside for months on multiple servers, vulnerable to interception by hackers and data thieves. You may as well have put it on a postcard...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.