Instead of sabotage, as Stuxnet was used on Iranian nuclear centrifuges, Duqu is designed to gather intelligence that could help attackers mount a future digital assault on industrial control facilities.
Mike Brown and Amry Junaideen see audits as great tools to promote heftier IT security budgets, substantiating where dollars should be spent to safeguard an organization's information systems and assets.
Giving employees the chance to use their own mobile devices on their employers' network isn't necessarily given. That's what Delaware Chief Security Officer Elayne Starkey found when the state implemented a new program to allow the secure use of personal devices on state networks.
The nation's new chief HIPAA enforcer views the protection of privacy as an important way to help ensure patients have access to care. And his passion about the issue means you can expect HIPAA enforcement efforts to intensify in the months ahead.
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
UBS's $2 billion loss to rogue trading provides lessons for all banks. What's missing in today's financial institution culture is a balance between profits, ethics and governance, says risk management expert Frances McLeod.
Eric Rosenbach works with Defense Secretary Leon Panetta and other top DoD leaders to formulate, recommend, integrate and implement policies and strategies to improve the Defense Department's ability to operate securely in cyberspace.
RSA Chief Executive Art Coviello challenged a widespread belief that cybersecurity awareness could curb cyberthreats: "There's no amount of consumer education to make them smart enough to resist attacks. They're just too sophisticated."
Elayne Starkey recently gave up her BlackBerry for an iPhone, and uses the Apple mobile device for personal and work doings, securely connecting to the computer system of her employer, the state of Delaware.