Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
When a database breach occurs, consumer notification continues to be a public problem. And it's time for the federal government to step in, says Linda Foley, co-founder of the non-profit Identity Theft Resource Center.
Art Coviello, RSA's executive chairman, confirms that information taken from RSA in March had been used as an element of an attempted broader attack discovered late last month on SecurID customer and defense contractor Lockheed Martin.
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
Revelations that Google's Gmail and Sony Pictures were both targeted by hackers highlights growing concerns about cybersecurity and the sophistication - and frequency - of attacks, as well as how to keep the public informed about such incidents.
It's clear that major data breaches have become not just a topic of mainstream news, but they're occurring with such frequency and potential devastation that they're almost deserving of a 24-hour news desk.
The House Subcommittee on Commerce, Manufacturing and Trade heard from Sony and Epsilon about breaches that adversely affected consumer information. Both companies support a national data security and breach notification law.
"Just securing the data is no longer enough," says Trevor Hughes, head of the International Association of Privacy Professionals. 'Privacy professionals, in addition, need to prepare for what happens when things go wrong."