After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
Known as the Citizen Patrol Unit, the group of some 30 civilian volunteers has been tasked with monitoring pay-at-the pump terminals throughout one community, looking for signs of tampered terminals or the installation of illegal skimming devices.
A comprehensive bill to dramatically change the way the federal government addresses cybersecurity could pass the Senate as early as this summer, Sen. Thomas Carper, who chairs a Senate panel with IT security oversight, says in an interview with GovInfoSecurity.com.
"We are looking to build a cybersecurity workforce from the ground up, rather than hire those already trained," says Nicole Dean, Deputy Director of the National Cyber Security Division at DHS. "We are looking to hire the best and the brightest."
A draft of a Federal Health IT Strategic Plan provides a roadmap that the next national coordinator for health IT may use in spearheading many efforts, including protecting the privacy of healthcare information.
This kind of problem happens to everybody, says Marcus Ranum, CSO of Tenable Network Security, in response to the widely publicized breach at RSA. And maybe hes right. Perhaps this kind of problem does happen to everyone. But should it?
Phishing represented more than half of the 107,439 cyber incidents compiled by the U.S.-CERT for fiscal year 2010 from federal, state and local governments, commercial enterprises, American citizens and foreign CERT teams.
"In this future, cyber devices have innate capabilities that enable them to work together to anticipate and prevent cyber attacks and recover to a trusted state," says DHS Deputy Undersecretary Philip Reitinger.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.
RSA executives haven't been commenting publicly since the security solutions vendor revealed last week it had been victimized by a sophisticated cyberattack aimed at its SecurID two-factor authentication product. But weeks before the hack, I spoke with RSA Chief Technology Officer Bret Hartman about advanced...
The federal list of major health information breaches that have occurred since September 2009 included 249 incidents affecting nearly 8.3 million individuals as of Tuesday. But the total affected could surpass 10 million once details about the recent Health Net breach are added.
Fraud, risk management emerging technologies -- these issues know no boundaries. That's why we're launching a series of new international BankInfoSecurity sites to draw proper attention to local issues that impact the global banking industry.
Complying with industry security standards such as PCI is not just a sound practice, it actually improves the bottom-line, a new survey commissioned by Tripwire finds.
Government auditors gave the Federal Deposit Insurance Corp. a sort of a pat on the back of a job well done in plugging holes in its IT security regarding the FDIC's financial systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.