RSA SecurID Breach Update: (Some) Additional Info Provided to Customers

A short while ago, RSA released an additional customer advisory (customer login required) regarding the breach of SecurID information disclosed last Thursday. In my updated initial take on the breach, I noted that: To date, RSA has disclosed no detail about exactly what was compromised or how, leaving customers with no actionable information regarding their [...]

By | March 22nd, 2011|Security|0 Comments

RSA Breach of SecurID Information: Initial Take

(Updated: Commentary on RSA's disclosure and SecurCare advisory of March 17) Yesterday, RSA Security disclosed that it had been the victim of a security breach that, according to Executive Chairman Art Coviello's open letter to customers, resulted in the exposure of information "specifically related to RSA's SecurID two-factor authentication products." Coviello's letter goes on to [...]

By | March 18th, 2011|Security|0 Comments

A New Security Paradigm: HCIA

(Ed. Note: I've updated this post to incorporate some great feedback I've gotten on it already. I may well do so again to keep it fresh, as I expect to refer to this concept a lot...) In a recent post, I talked about the security value of IT management disciplines such as configuration and change [...]

By | November 10th, 2010|Security|0 Comments
Load More Posts