IT security and privacy lawyer David Navetta says revelations that mobile devices such as the iPhone, iPad and Android maintain hidden files tracking users locations could pose a threat to organizations, regardless of whether the devices are owned by individual employees, the company or government agency for which...
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.
The latest Verizon Data Breach Investigations Report is out, and the good news is: The number of compromised records is down. The troubling news is: The number of breaches is up. Bryan Sartin, one of the report authors, explains why.
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.
It's serious news that RSA's SecurID solution has been the target of an advanced persistent threat. But "It's not a game-changer," says Stephen Northcutt, CEO of SANS Institute. "Anybody who says it is [a game-changer] is an alarmist."
Terrell Herzig, information security officer at UAB Medicine, discusses the steps he's taking in the wake of the attack against RSA's SecurID two-factor authentication products.
"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
New authentication guidance, when it is passed down federal banking regulators, needs to pay more attention to mobile, says former Bank of America executive David Shroyer.
After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
Although many organizations are using encryption to protect data on mobile devices, they're often overlooking other important ways to prevent health information breaches, says Terrell Herzig, information security officer at UAB Medicine.
An Illinois childcare agency has articulated a revised security policy, including the use of encryption, in announcing a breach involving the apparent theft of three back-up unencrypted portable hard drives.
Users of RSA's SecurID two-factor authentication products, acting on advice from the company, are devising strategies to monitor for threats and take preventive steps in the aftermath of a hacker attack against the products.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
