IT Security Rewind – Week of January 30, 2012
by Josh Arrington
At CyberArk we don’t typically like to brag about our achievements, but we have had such a great week that we can’t help but show off a bit. This year we have been shortlisted for not one, not two, not even three but FOUR SC Magazine Europe Awards! We are very excited and wanted to send our congratulations to all of the finalists that were also shortlisted in the Best IAM Solution, Best Remote Access, Best Security Management and Information Security Product of the Year categories. While we’ve been celebrating, we’ve also been paying close attention to some evolving stories in cyber legislation as well as an interesting twist on phone hacking, and wanted to put these stories out there to get our readers’ opinions:
- Bloomberg Businessweek reported that the Cyber-Security bill has been delayed in reaching a vote on the Senate floor. The Senate bill would authorize the Homeland Security Department to identify infrastructure that’s “considered critical to U.S. economic and national security” and develop standards that must be met to protect it. Understanding the security threat that cyber war poses to our nation and the number of sophisticated hackers out there, advisors are doing their best to educate the Senate on the urgency behind this bill. Bruce McConnell, a counselor to Napolitano on cyber security matters, stated, “What we were here today to do was make sure the Senate understands the severity and importance of the threats that we’re facing and the need for action.”
- Trying to hide your organization’s data breach? VeriSign proved this week that you can actually get away with it. After scouring 2,000 SEC filings, Reuters reported this week that VeriSign was actually hit by hackers back in 2010 but did not report the breach until its SEC filing in October of 2011. How is this possible when the company states that “more than half (56%) of the world’s DNS hosts rely on the VeriSign .net and .com infrastructure”? Well, as long as credit card data isn’t involved, organizations actually aren’t forced by the government to reveal a breach to the public.
- Finally, FOX News and other outlets reported that a phone call between the FBI and Scotland Yard was recorded and released online by the hackers in Anonymous. Luckily, the FBI said that there was no classified information on the call, but it was still accessed illegally. Anonymous tweeted that they were able to hack the phone call by compromising an investigator’s emails. If the call is authentic, it is quite jarring that the group was able to hack into the very call that discussed proceedings for past offenses.
We’d love to get your thoughts on these legislative issues as well as the phone hacking – do you think the Senate is taking the threat of cyber war seriously? Should VeriSign have been forced by law to reveal that they were breached? Is Anonymous a bigger threat than we anticipated?
Let us know in the comments!