Hackers target RSA's SecurID products, leading federal IT policymakers question America's preparedness for cyberattacks, new House bill would reform federal IT security governance and why Ohio state government decided to standardize on NIST IT security framework.
It's serious news that RSA's SecurID solution has been the target of an advanced persistent threat. But "It's not a game-changer," says Stephen Northcutt, CEO of SANS Institute. "Anybody who says it is [a game-changer] is an alarmist."
"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
The announcement by RSA that it had been a victim of an advanced persistent threat shook the global information security industry. Stephen Northcutt of SANS Institute and David Navetta of the Information Law Group offer insight on what happened, what it means and how to respond.
Global banking institutions can learn from Japan's disaster planning and response. And a sophisticated cyberattack is launched against RSA, targeting the security unit of EMC's SecurID two-factor authentication products.
Global banking institutions can learn from Japan's disaster planning and response. And a sophisticated cyberattack is launched against RSA, targeting the security unit of EMC's SecurID two-factor authentication products.
"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
Key U.S. IT networks remain vulnerable to attack, undermining confidence in the nation's IT systems and the information collection and sharing process, Homeland Security Deputy Undersecretary Philip Reitinger and other officials say.
A second California state agency has launched an investigation into insurer Health Net's recent information breach incident that may have affected 1.9 million individuals nationwide.
"Almost everyone has a firewall and is using it; it's just not necessarily a relevant defense against the way people are actually being attacked," says Josh Corman, research director of enterprise security at security consultancy The 451 Group.
The bill, sponsored by House Cybersecurity Caucus Co-Chair James Langevin, would create a White House office of cyberspace and replace paper-based FISMA compliance with automated, continuous monitoring of IT systems.
Topics to be addressed at the NIST cloud computing forum include the cloud's trustworthiness and standards. Google Chief Internet Evangelist Vint Cerf and NIST Director Patrick Gallagher also will speak.
Doug Fridsma, M.D., Ph.D., of the HHS Office of the National Coordinator for Health IT, compares and contrasts the security approaches of two federal health information exchange projects.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
