"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
The announcement by RSA that it had been a victim of an advanced persistent threat shook the global information security industry. Stephen Northcutt of SANS Institute and David Navetta of the Information Law Group offer insight on what happened, what it means and how to respond.
Fraud, risk management emerging technologies -- these issues know no boundaries. That's why we're launching a series of new international BankInfoSecurity sites to draw proper attention to local issues that impact the global banking industry.
Speculation about the pending update to online authentication guidance has been circulating around water coolers for months now. "A [disclosure] like this could make it more challenging for the regulators," says attorney David Navetta.
What if, while searching the Internet, you come across a Facebook profile of one of your employees, including inappropriate pictures and personal remarks on the supervisor? What does this mean to you as an employer? And what can you do about it?
Cyberthreats stem from the malware, but monetary losses stem from money mules. I've decided to coin a new term: eFraud. I cannot think of a better way to describe the wave of fraud incidents the financial industry is facing. It's electronic.