Computerworld Jaikumar Vijayan News en_US (c) Copyright 2014 Computerworld, Inc. All Rights Reserved. Wed, 23 Apr 2014 13:47:49 GMT 2014-04-23T13:47:49Z en_US (c) Copyright 2014 Computerworld, Inc. All Rights Reserved. SEC seeks data on cyber security policies at Wall Street firms The Securities and Exchange Commission plans to review the cyber defenses of 50 Wall Street broker-dealers and investment advisers to determine whether they are prepared for potential cyber threats. Mon, 21 Apr 2014 19:55:00 GMT (Jaikumar Vijayan) 2014-04-21T19:55:00Z U.S. commercial drone industry struggles to take off The U.S. commercial drone industry is still struggling to get off the ground more than two years after President Obama signed into law a bill that permits the civilian use of unmanned aerial vehicles (UAV) over the country's airspace. Fri, 18 Apr 2014 11:18:00 GMT (Jaikumar Vijayan) 2014-04-18T11:18:00Z Two more states eye drone use limits Louisiana and Pennsylvania could become the latest states to impose restrictions on the use of commercial drone aircraft over their airspace. Wed, 16 Apr 2014 20:31:00 GMT (Jaikumar Vijayan) 2014-04-16T20:31:00Z Heartbleed flaw affects mobile apps, too Android and IOS mobile applications are just as vulnerable to the Heartbleed bug as websites are, security vendor Trend Micro warned. Fri, 11 Apr 2014 16:48:00 GMT (Jaikumar Vijayan) 2014-04-11T16:48:00Z FTC can sue companies hit with data breaches, court says A federal court in New Jersey this week affirmed the Federal Trade Commission's contention that it can sue companies on charges related to data breaches, a major victory for the agency. Thu, 10 Apr 2014 17:23:00 GMT (Jaikumar Vijayan) 2014-04-10T17:23:00Z 6 ways the Internet of Things will transform enterprise security It's already started, with a refrigerator that sent out email spam. The Internet of Things trend shows how even a benign consumer appliance could pose a danger to enterprises if connected to the Internet without proper security. Mon, 07 Apr 2014 11:08:00 GMT (Jaikumar Vijayan) 2014-04-07T11:08:00Z Snowden leaks erode trust in Internet companies, government Edward Snowden's revelations about the National Security Agency's data collection practices have eroded the public's trust in major technology companies -- and in the Internet, a Harris Interactive survey found. Fri, 04 Apr 2014 11:23:00 GMT (Jaikumar Vijayan) 2014-04-04T11:23:00Z NSA phone metadata collection program renewed for 90 days The Obama Administration has secured a 90-day extension of the National Security Agency's controversial authority to collect phone metadata records on U.S. customers under the Patriot Act. Tue, 01 Apr 2014 20:16:00 GMT (Jaikumar Vijayan) 2014-04-01T20:16:00Z NSA isn't evil, says noted civil libertarian Civil liberties and privacy groups have long criticized the U.S. National Security Agency, but those critics became louder last summer after details of the agency's data collection activities were disclosed in classified documents leaked by Edward Snowden. Tue, 01 Apr 2014 19:32:00 GMT (Jaikumar Vijayan) 2014-04-01T19:32:00Z Payment card security revamp becoming chip vs. PIN tussle Industry efforts to shore up payment card security after the massive data breach at Target appear to be devolving into a battle over chip vs. PIN technology between retailers and credit card companies. Thu, 27 Mar 2014 19:35:00 GMT (Jaikumar Vijayan) 2014-03-27T19:35:00Z In rare move, banks sue Target's security auditor Two banks that claim to have suffered losses from the recent data breach at Target have sued Trustwave Holdings Inc., the company that was responsible for validating Target's compliance with the Payment Card Industry Data Security Standard. Wed, 26 Mar 2014 10:34:00 GMT (Jaikumar Vijayan) 2014-03-26T10:34:00Z Business groups see IT shops as roadblocks to data analytics projects Business groups in a growing number of companies appear to be plowing ahead on data analytics projects with little input or help from their own IT organizations. Tue, 25 Mar 2014 20:03:00 GMT (Jaikumar Vijayan) 2014-03-25T20:03:00Z ATM operators eye Linux as alternative to Windows XP Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles. Thu, 20 Mar 2014 19:48:00 GMT (Jaikumar Vijayan) 2014-03-20T19:48:00Z Court approves first-of-its-kind data breach settlement Courts have generally tended to dismiss consumer class-action lawsuits filed against companies that suffer data breaches if victims can't show that the the breach directly caused a financial hit. Mon, 17 Mar 2014 19:58:00 GMT (Jaikumar Vijayan) 2014-03-17T19:58:00Z Major companies, like Target, often fail to act on malware alerts Companies that suffer major data breaches almost always portray themselves as victims of cutting edge attack techniques and tools. The reality, though, is often much more mundane. Fri, 14 Mar 2014 10:21:00 GMT (Jaikumar Vijayan) 2014-03-14T10:21:00Z Senator's claims of CIA violating computer fraud act shaky, legal expert says Sen. Dianne Feinstein's (D-Calif.) claim that the CIA violated provisions of the Computer Fraud and Abuse Act when it accessed computers used by members of the Senate Intelligence Committee, could be hard to substantiate, according to a leading legal expert. Thu, 13 Mar 2014 10:44:00 GMT (Jaikumar Vijayan) 2014-03-13T10:44:00Z GPS tech built to find missing aircraft not always used Aviation experts have cited multiple possible reasons for the problems in the multi-country effort to locate the Malaysia Airlines jetliner that dropped off the grid over the South China Sea four days ago. Tue, 11 Mar 2014 21:44:00 GMT (Jaikumar Vijayan) 2014-03-11T21:44:00Z U.S. retailers insist on PIN requirement in smartcard rules U.S. retailers are digging in their heels over their need for PIN authentication for Europay MasterCard Visa (EMV) smartcard use here. Fri, 07 Mar 2014 20:58:00 GMT (Jaikumar Vijayan) 2014-03-07T20:58:00Z CIO not the only one to blame for Target breach That someone had to take the fall for the massive breach at Target is neither surprising nor unexpected. The only question is whether more heads will roll in the aftermath of one the biggest data compromises in retail history. Wed, 05 Mar 2014 21:14:00 GMT (Jaikumar Vijayan) 2014-03-05T21:14:00Z Network firewalls aren't dead yet Phil Cummings says network firewalls will continue to be a critical piece of Health Information Technology Services -- Nova Scotia security portfolio for one simple reason: nothing's come along to replace them. Wed, 05 Mar 2014 20:08:00 GMT (Jaikumar Vijayan) 2014-03-05T20:08:00Z Cloud security concerns are overblown, experts say Security concerns should not deter enterprises from using public cloud technologies when it makes business sense. Thu, 27 Feb 2014 11:26:00 GMT (Jaikumar Vijayan) 2014-02-27T11:26:00Z Huge turnout at RSA shows hackers are winning In the battle between enterprises and malicious hackers, the bad guys are clearly winning, judging by the sheer number of people and exhibitors at the RSA security conference going on here this week. Wed, 26 Feb 2014 12:27:00 GMT (Jaikumar Vijayan) 2014-02-26T12:27:00Z Premier 100 IT Leader: Rick Mears Aligning IT investments with business goals is this CIO's golden rule. Mon, 24 Feb 2014 11:30:00 GMT (Jaikumar Vijayan) 2014-02-24T11:30:00Z IT pros rank University of Texas San Antonio best school for cybersecurity The University of Texas at San Antonio (UTSA) tops a somewhat unexpected list of schools that are considered by security practitioners as the best in the country for cybersecurity courses and degree programs. Mon, 24 Feb 2014 11:24:00 GMT (Jaikumar Vijayan) 2014-02-24T11:24:00Z Poorly managed SSH keys pose serious risks for most companies Many companies are dangerously exposed to threats because they don't properly manage the Secure Shell cryptographic keys used to authenticate access to critical internal systems and services. Sat, 22 Feb 2014 13:34:00 GMT (Jaikumar Vijayan) 2014-02-22T13:34:00Z EMV smartcards offer security benefits even without PIN, Visa says A senior executive from Visa Inc. dismissed concerns over the manner in which the Europay MasterCard Visa (EMV) chip card standard is being implemented in the U.S. and insisted the move will yield significant security benefits for retailers, consumers and banks. Tue, 18 Feb 2014 21:59:00 GMT (Jaikumar Vijayan) 2014-02-18T21:59:00Z Ford exec says automaker doesn't collect or share car location data A Ford executive told U.S. Sen. Al Franken (D-Minn.) that the automaker does not collect or share location data from cars without the operator's explicit permission. Thu, 13 Feb 2014 20:29:00 GMT (Jaikumar Vijayan) 2014-02-13T20:29:00Z 5 issues that could hamper EMV smartcard adoption in the U.S. Migrating U.S. payment systems to the Europay MasterCard Visa (EMV) smartcard standard could take significantly longer than envisioned and offer fewer security benefits than what's being touted by proponents of the technology. Tue, 11 Feb 2014 11:58:00 GMT (Jaikumar Vijayan) 2014-02-11T11:58:00Z Maintaining PCI compliance is a big challenge for most companies A majority of companies that achieve annual compliance with the Payment Card Industry Data Security Standard fail to then maintain that status, leaving them vulnerable to breaches. Fri, 07 Feb 2014 21:27:00 GMT (Jaikumar Vijayan) 2014-02-07T21:27:00Z Target attack shows danger of remotely accessible HVAC systems The massive Target breach led to revelations that many companies use Internet-connected heating, ventilation, and air conditioning (HVAC) systems without adequate security, giving hackers a potential gateway to key corporate systems. Fri, 07 Feb 2014 11:52:00 GMT (Jaikumar Vijayan) 2014-02-07T11:52:00Z Target breach happened because of a basic network segmentation error The massive data breach at Target last month may have resulted partly from the retailer's failure to properly segregate systems handling sensitive payment card data from the rest of its network. Thu, 06 Feb 2014 11:28:00 GMT (Jaikumar Vijayan) 2014-02-06T11:28:00Z Possible Belarus connection prompts probe of The U.S. Department of Health and Human Services launched a security probe of after a U.S. intelligence unit last week warned that portions of the Affordable Care Act website was built by software developers linked to the Belarus government. Wed, 05 Feb 2014 11:28:00 GMT (Jaikumar Vijayan) 2014-02-05T11:28:00Z Despite Target data breach, PCI security standard remains solid, chief says The head of the organization in charge of maintaining security controls over credit card transactions insisted Monday that its standards remain solid despite the concerns raised by data breaches at Target and other companies. Mon, 03 Feb 2014 21:34:00 GMT (Jaikumar Vijayan) 2014-02-03T21:34:00Z Medical lab says FTC breach probe forced it to close An Atlanta-based medical laboratory that has been embroiled in a bitter feud with the U.S. Federal Trade Commission over a data breach investigation shut down its operations this week. Fri, 31 Jan 2014 11:38:00 GMT (Jaikumar Vijayan) 2014-01-31T11:38:00Z Misuse of proprietary data alone doesn't violate CFAA, judge rules Federal courts have started ruling against companies using the much-reviled Computer Fraud and Abuse Act to pursue employees and others who allegedly misappropriate proprietary data. Wed, 29 Jan 2014 21:18:00 GMT (Jaikumar Vijayan) 2014-01-29T21:18:00Z Obama should have talked about NSA in address, say trade groups Technology trade groups faulted President Obama for not using his State of the Union address Tuesday night to address domestic and international concerns over the National Security Agency's surveillance programs. Wed, 29 Jan 2014 12:10:00 GMT (Jaikumar Vijayan) 2014-01-29T12:10:00Z NSA gets its first civil liberties and privacy officer The National Security Agency has reportedly appointed Rebecca Richards, a former deputy privacy official at the Department of Homeland Security, as its first privacy officer. Wed, 29 Jan 2014 11:50:00 GMT (Jaikumar Vijayan) 2014-01-29T11:50:00Z After Target, Neiman Marcus breaches, does PCI compliance mean anything? The recent data breaches at Target and Neiman Marcus have once again shown that compliance with the Payment Card Industry Data Security Standard (PCI DSS) is no guarantee against an intrusion. Fri, 24 Jan 2014 20:58:00 GMT (Jaikumar Vijayan) 2014-01-24T20:58:00Z Obama in awkward spot after privacy board calls NSA snooping illegal A report Thursday by the Privacy and Civil Liberties Oversight Board calling the NSA's bulk phone records collection program illegal and mostly useless puts the Obama Administration in an awkward spot. Thu, 23 Jan 2014 19:35:00 GMT (Jaikumar Vijayan) 2014-01-23T19:35:00Z Target breach shows payment system security needs less talk, more action Retailers and banks must move quickly to figure out who should be responsible for better securing the payments system network or risk having Congress decide for them. Thu, 23 Jan 2014 15:53:00 GMT (Jaikumar Vijayan) 2014-01-23T15:53:00Z Update: Obama's NSA proposals underscore reform challenges President Obama's proposals to reform the National Security Agency's surveillance practices reflect the enormous challenges the administration faces in finding the right balance between national security needs and privacy and civil rights concerns. Fri, 17 Jan 2014 21:55:00 GMT (Jaikumar Vijayan) 2014-01-17T21:55:00Z Security firm IDs malware used in Target attack A security company that worked with the U.S. Secret Service to investigate the data breach at Target identified the malware used in the attack as a sophisticated derivative of a previously known Trojan. Thu, 16 Jan 2014 21:07:00 GMT (Jaikumar Vijayan) 2014-01-16T21:07:00Z A year after Swartz suicide, reform of anti-hacking law remains elusive Internet activist Aaron Swartz's suicide last January galvanized calls for an overhaul of the Computer Fraud and Abuse Act, used widely by the government to prosecute misdeeds that critics say the law was never intended to address. Yet, one year after Swartz's death, efforts to reform the law have made little headway. Thu, 16 Jan 2014 16:58:00 GMT (Jaikumar Vijayan) 2014-01-16T16:58:00Z Spy agencies around the world use radio signals to tap data from targeted systems Reports this week that the National Security Agency uses radio signals to collect data from tens of thousands of non-U.S. computers, some not connected to the Internet, is sure to fuel more acrimony towards the U.S. spy agency. Wed, 15 Jan 2014 19:54:00 GMT (Jaikumar Vijayan) 2014-01-15T19:54:00Z Franken presses Ford on location data collection practices A U.S. senator pressed Ford for information on its in-car data collection practices, citing recent boasts by an executive at the automaker that it can monitor drivers via integrated navigation system. Wed, 15 Jan 2014 11:36:00 GMT (Jaikumar Vijayan) 2014-01-15T11:36:00Z Justices let stand appeals court decision on border searches of laptops In a boost for civil rights advocates, the U.S. Supreme Court upheld a lower court decision that requires U.S. border agents to have at least some cause for searching electronic devices belonging to travelers at the nation's borders. Mon, 13 Jan 2014 21:46:00 GMT (Jaikumar Vijayan) 2014-01-13T21:46:00Z Feds to dump CGI from project The Obama Administration is set to fire CGI Federal as prime IT contractor of the problem-plagued website, a report says. Fri, 10 Jan 2014 20:45:00 GMT (Jaikumar Vijayan) 2014-01-10T20:45:00Z Breach goes from bad to worse for Target and its customers Target's acknowledgement Friday that personal data of 110 million people, not 40 million as previously thought, may have been exposed to hackers in a recent data breach raises new questions about the incident and how it could affect victims. Fri, 10 Jan 2014 16:59:00 GMT (Jaikumar Vijayan) 2014-01-10T16:59:00Z The NSA blame game: Singling out RSA diverts attention from others Singling out RSA for reproach for allegedly enabling a backdoor in one of its encryption technologies in a deal with the National Security Agency deflects attention from the role other technology vendors may have had in enabling NSA's secret data collection activities. Thu, 09 Jan 2014 12:16:00 GMT (Jaikumar Vijayan) 2014-01-09T12:16:00Z California lawmakers move to bar state help to NSA Two California lawmakers this week introduced a bill that would prohibit state agencies and corporations from providing material support to the National Security Agency. Tue, 07 Jan 2014 20:30:00 GMT (Jaikumar Vijayan) 2014-01-07T20:30:00Z