[ISN] CIO not the only one to blame for Target breach

http://www.computerworld.com/s/article/9246786/CIO_not_the_only_one_to_blame_for_Target_breach

By Jaikumar Vijayan
Computerworld
March 5, 2014

That someone had to take the fall for the massive breach at Target is neither surprising nor unexpected. The only question is whether more heads will roll in the aftermath of one of the biggest data compromises in retail history.

Target on Wednesday announced that Beth Jacob, its CIO of more than five years, had resigned. The move comes less than two months after the retail giant disclosed it had suffered a data breach that exposed sensitive data on more than 40 million credit and debit cards. Later, the company announced that emails, addresses and other information on another 70 million people might also have been exposed as the result of the intrusion, which occurred over the 2013 Thanksgiving weekend.

In a statement to the Associated Press, Target CEO Gregg Steinhafel said the company is searching for an interim CIO to help it through an information security overhaul that began after the breach. […]





[ISN] What Will $5 Billion in Military Cyber Spending Pay For?

http://www.defenseone.com/technology/2014/03/what-will-5-billion-military-cyber-spending-pay/79978/

By Patrick Tucker
Defenseone.com
March 5, 2014

The Pentagon wants $5.1 billion for cyber operations next year, an increase of about $4 million over this year’s budget, but exactly what the military wants to buy with that money is unclear.

“There’s no set of program elements that led to this number. Maybe there needs to be, but right now there isn’t,” said outgoing comptroller Bob Hale, rolling out the Obama administration’s fiscal 2015 spending request at the Pentagon on Tuesday.

Budgeting for more cybersecurity makes sense to defense planners who argue the threat continues to grow. But how to spend that money is still very much up for debate at the Pentagon.

“The question isn’t the funding side, but figuring out the proper roles and responsibilities, especially in how the line is better set between DOD, the rest of government and private responsibilities,” said Peter Singer, director of the Center for 21st Century Security and Intelligence at the Brookings Institution. Though that’s not a new worry, either. […]



[ISN] Hospital records used to ‘target ads on Twitter and Facebook’ say privacy campaigners, in latest NHS data concerns

http://www.independent.co.uk/life-style/health-and-families/health-news/hospital-records-used-to-target-ads-on-twitter-and-facebook-say-privacy-campaigners-in-latest-nhs-data-concerns-9166633.html

By CHARLIE COOPER
HEALTH REPORTER
independent.co.uk
03 March 2014

The security of NHS data was thrown into further doubt yesterday after it emerged anonymous patient information has been used by a marketing consultancy to advise clients on targeting their social media campaigns.

It comes amid growing concerns over plans to trawl patient records from every GP surgery in England, which were postponed last month after NHS chiefs admitted they had not done enough to inform and reassure the public about the scheme, known as care.data.

MPs sought reassurances last week that the GP data, which could be accessed by researchers and approved private companies, would not be vulnerable to breaches of patient confidentiality.

In another blow to public confidence in the scheme, it was also reported yesterday that the entire hospital episodes statistics (HES) dataset has been uploaded to Google servers. A management consultancy firm called PA Consulting used Google tools to create interactive maps out of HES data, it emerged. The HSCIC said it had received assurances that no Google staff would be able to access the data, and the firm said that the data was “held securely”.

Medconfidential, which campaigns for better security around medical records, said that they were also concerned that HES data had been released, in pseudonymised form, to a consultancy firm, Beacon Dodsworth, which uses a coded version of HES data to help its clients “establish trends and understand patterns allowing you to tailor your social marketing or media awareness campaigns.”

Its chairman, Geoff Beacon, told The Independent that the firm had “not been allowed near the raw data”, which had been handled by a public sector health observatory. […]

