When it comes to e-marketing and the reliance on third parties such as Epsilon, Nicolas Christin of Carnegie Mellon University says banks and merchants should "come clean" about the information they share with outside entities.
Privacy Attorney Lisa Sotto says the Epsilon e-mail breach is a warning about the state of data security employed by some third-party service providers. Strong contracts related to security practices must be the norm, not the exception.
March's top news and views: DOD officials explain how a WikiLeaks breach will not happen again, RSA chief technology officer discusses the challenges in dealing with advanced persistent threat attacks and how Ohio decided on a NIST framework. And don't miss our month-in-review podcast by Executive Editor Eric Chabrow.
A comprehensive bill to dramatically change the way the federal government addresses cybersecurity could pass the Senate as early as this summer, Sen. Thomas Carper, who chairs a Senate panel with IT security oversight, says in an interview with GovInfoSecurity.com.
RSA CTO Bret Hartman on advance persistent threats, before the breach; face of federal IT security leadership, putting IT security workforce in perspective, federal cyber incidents up 39 percent; and our special report on the RSA breach and its impact. And don't miss our audio week-in-review podcast by Executive...
Marcus Ranum isn't just a well-regarded information security expert. He's also a customer of the RSA SecurID product, and he's got some strong feelings about the RSA breach and how the industry has responded to it.
The announcement by RSA that it had been a victim of an advanced persistent threat shook the global information security industry. Stephen Northcutt of SANS Institute and David Navetta of the Information Law Group offer insight on what happened, what it means and how to respond.
Hackers target RSA's SecurID products, leading federal IT policymakers question America's preparedness for cyberattacks, new House bill would reform federal IT security governance and why Ohio state government decided to standardize on NIST IT security framework.
It's serious news that RSA's SecurID solution has been the target of an advanced persistent threat. But "It's not a game-changer," says Stephen Northcutt, CEO of SANS Institute. "Anybody who says it is [a game-changer] is an alarmist."