Chabrow hosts and produces the semi-weekly podcast ISMG Security Report and oversees ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.
Heartland Payment Systems hacker Albert Gonzalez seeks to overturn his conviction and 20-year sentence, a record for a computer breach, maintaining he committed his crimes with the knowledge of his Secret Service handlers.
"When it comes to APTs ... you don't bother to just simply hack the organization and its infrastructure; you focus much more of your attention on hacking the employees," says Uri Rivner, head of new technologies, identity protection and verification at RSA.
After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
RSA executives haven't been commenting publicly since the security solutions vendor revealed last week it had been victimized by a sophisticated cyberattack aimed at its SecurID two-factor authentication product. But weeks before the hack, I spoke with RSA Chief Technology Officer Bret Hartman about advanced...
The Department of Homeland Security is working with RSA in investigating what the IT security vendor characterized as an extremely sophisticated attack aimed at its SecurID two-factor authentication products.
Securing data in the public cloud isn't much different from other types of IT security. "It's the same advice we give for almost any deployment of IT because it is still the right thing to do," NIST Senior Computer Scientist Tim Grance says.
"With the right people, process and technology, you could be able to put a system together that would greatly reduce the impact these types of attacks have," says cybersecurity expert Eric Cole, a SANS Institute faculty fellow.
What's embarrassing about the WikiLeaks episode isn't just the precarious position the publication of diplomatic cables put the U.S. in with its allies but the likelihood that one low-level analyst accessed sensitive data without authorization and then leaked them.
The possibility grows that hackers could take away control of the car from drivers as more automakers provide vehicle-to-vehicle and vehicle-to-infrastructure communications networks to third-party development.
Hospital association lawyer Melissa Bianchi, testifying before a Senate panel, seeks exemptions for healthcare providers from the bill's breach notification rules because they're already covered by HIPAA.
Despite efforts to tighten security to prevent such digital invasions, the military understands such breaches could still occur, which led Lynn to say the military must develop and train its cyber defenders to act in a degraded information environment.
The leak of 75,000 internal military logs on the Afghanistan war is a major IT security breach, but the fact that the breach - or leak - of such magnitude occurred didn't seem to surprise many. And, two recent reports show why.
Los Alamos National Laboratory has spent $45 million to secure its classified computer network over seven years, according to the GAO, yet significant weaknesses remain in safeguarding its classified computer network.