Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.
When a database breach occurs, consumer notification continues to be a public problem. And it's time for the federal government to step in, says Linda Foley, co-founder of the non-profit Identity Theft Resource Center.
Healthcare organizations need to implement role-based privacy and security training to identify specific types of education for employees with different levels of access to protected health information, says Alex Eremia, chief privacy officer at MedStar Health.
Strong authentication, using both fact-based and behavioral-based fraud detection solutions, should be part of every financial institution's layered security approach, says Reed Taussig, CEO of ThreatMetrix.
A personalized medicine project leveraging genetic information holds great promise for improving patient treatment but raises certain privacy issues, says Scott Megill, CIO at the Coriell Institute for Medical Research.
Despite improvement in organizations' abilities to plan for and predict disasters, they still lack an effective response. In fact, the biggest gap in business continuity today is understanding, says Lyndon Bird, director at the Business Continuity Institute.
The Federal Deposit Insurance Corp. has fallen victim to another phishing attack, according to an e-mail alert sent out to customers. This newest attack entices consumers to click a link for details about "important information from your financial institution."
The National Strategy for Trusted Identities in Cyberspace (NSTIC), a government-private sector initiative, could enhance efficiency, security and privacy in all the transactions done online every day, says NIST's Jeremy Grant.
Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
Sen. Charles Schumer's amendment to Regulation E, which aims to give local governments and school districts the same level of protection as consumers, could set an adverse precedent for financial institutions, says Doug Johnson, vice president and senior advisor of risk management for the American Bankers Association.
House Cybersecurity Caucus Co-Founder Jim Langevin, D-R.I., says President Obama's cybersecurity legislative package is a step in the right direction, but lacks the stricter regulation needed for businesses that run critical IT infrastructures.
The recent Sony and Epsilon breaches sent a strong reminder that companies lack transparency and aren't prepared to respond to a breach once it occurs, says Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies.
"The threat environment is significant, and it's not possible for anyone to stay completely secure," Philip Reitinger says in one of his final interviews as deputy undersecretary of DHS's National Protection and Programs Directorate.