The Internet is inherently insecure, and the only way to ensure today's evolving information systems is to build them upon three pillars of trust. This is the premise of Mike Ozburn, Principal at Booz Allen Hamilton, which has just authored a new white paper about these pillars.
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Nearly 8 of 10 hard drives tested contained tax returns, Social Security numbers, names of children placed in foster homes, passwords and child abuse documentation, an audit by New Jersey authorities reveals.
"We are training organizations to become more security focused and get them away from the check box mentality," says Jeremy King of the PCI Security Standards Council, describing the group's new approach to increasing PCI awareness globally.
RSA Conference 2011 was held recently, and Information Security Media Group was on hand to participate in the event in several unique ways. Check out our exclusive video interviews with industry thought-leaders, as well as our "Faces of Fraud" briefing.
Deven McGraw, co-chair of the Privacy and Security Tiger Team that's advising federal regulators, offers insights on how the team's recommendations might be implemented and what topics it will tackle next.
The Defense Department hopes to prevent future WikiLeaks-style breaches by employing public key infrastructure-based controlled access cards, but that solution won't be fully in place until mid-2013, DoD CIO Teresa Takai says.