"Given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our networks," says CISO Phillip Reitinger.
As the Bank of America website outage proved, "Assuming it's an attack or breach is now the default response," says ID theft expert Neal O'Farrell. So, how can organizations change that perception?
The hacktivist group Anonymous allegedly threatened to "erase the New York Stock Exchange" from the Internet on Oct. 10. How credible is the threat, and how should security leaders respond?
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
"Organizations are putting in layers of security and tools to safeguard information and assets, however, the fraudsters are attacking our weakest link, the consumer," says Anthony Vitale of Patelco Credit Union.
UBS's $2 billion loss to rogue trading provides lessons for all banks. What's missing in today's financial institution culture is a balance between profits, ethics and governance, says risk management expert Frances McLeod.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
RSA Chief Executive Art Coviello challenged a widespread belief that cybersecurity awareness could curb cyberthreats: "There's no amount of consumer education to make them smart enough to resist attacks. They're just too sophisticated."
From the earthquake in Japan to Hurricane Irene in the U.S., organizations worldwide have found their business continuity and disaster plans tested. But what lessons must we draw from these incidents?
Ten years after the 9/11 attacks, many organizations still need to do a better job of monitoring their networks for threats, says security specialist Mac McMillan.
Elayne Starkey recently gave up her BlackBerry for an iPhone, and uses the Apple mobile device for personal and work doings, securely connecting to the computer system of her employer, the state of Delaware.
BofA's announcement to charge customers for debit transactions is likely just the beginning, as banks across the U.S. react to debit interchange cuts that take effect Oct. 1.
The certificate authority system is flawed. It's like the Wild West, disjointed and unregulated, where no enforcement exists for standardized accountability.