mailing list archives
Congress is looking into consumer data security: But will it actually act?
From: security curmudgeon <jericho () attrition org>
Date: Tue, 4 Feb 2014 11:57:16 -0600 (CST)
---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>
BY CALE GUTHRIE WEISSMAN
FEBRUARY 3, 2014
Today in Washington, a congressional Banking, Housing, and Urban Affairs
subcommittee met to discuss recent consumer financial data breaches, and
the role retailers, bankers, and the government must play to prevent them
from happening again. Leading the subcommittee was Congressman Mark Warner
of Virginia, who detailed the necessity for swift action. He repeatedly
called for unity among all players ? including bankers, retailers, and
credit cards ? noting that all must be on the same page and not consider
the others antagonists in order to successfully protect millions of
consumers? personal data.
The elephant in the room was undoubtedly the ongoing Target and Neiman
Marcus security breach, which allowed hackers access to millions of
customers personal financial information. Executives from these companies
will be testifying to Congress in the coming weeks. The looming question
on the tip of each senator?s tongue was, what can be done to prevent such
a data fiasco from happening again?
Senator Mark Warner, the subcommittee?s chair, noted that last year cyber
crime caused reportedly $300 billion in damage, and that that statistic
has most definitely increased over the last year. He questions the tactics
the Secret Service has taken when looking at and trying to block
large-scale security breaches. ?Why is that that the security service or
even security bloggers are the first to know of these attacks,? pointing
to private companies and news outlets who made the Target story public. He
then queried, ?why is it taking us so long to respond??
The first panelists at the hearing ? William Noonan, Deputy Special Agent
in Charge of the US Secret Service, and Jessica Rich, the Director of the
FTC?s Bureau of Consumer Protection ? didn?t provide too much insight into
either of these question. They did insist, of course, that their
organizations are working to protect such crimes from happening again.
Given the constantly evolving state of cybercrime Noonan noted that
?malware can be molded and changed per attack.? And he ultimately agreed
that the legislative action would help his organization a great deal.
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
sales () riskbasedsecurity com
Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus
on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
- Congress is looking into consumer data security: But will it actually act? security curmudgeon (Feb 07)