No two fraud incidents may be exactly alike, but a fraud investigator's approach can still be very consistent and precise, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Extensive news coverage about the attacks against RSA and others have made customers jittery. "The publicity resulted in many customers' risk tolerance going down whilst their level of awareness and concern went up," says RSA CFO David Goulden.
"The lack of individual accountability over user accounts provides ample opportunities to conceal malicious activity such as theft or misuse of veteran data," VA Assistant Inspector General Belinda Finn says.
Scott Laliberte, managing director of Protiviti, wrote the book on penetration testing, and he has strong feelings about what organizations are doing right and wrong when assessing their information security risks today.
Dan Rode of the American Health Information Management Association describes why the group wants to see major revisions in a proposed federal rule requiring hospitals, clinics and others to give patients access reports listing everyone who's viewed their records.
Two electronic health records pioneers that already have earned federal EHR incentive payments stress that a robust risk management program should be an essential component of any movement from paper to electronic records.
The arrest is part of a continuing investigation into network intrusions and distributed denial of service attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.