By using federated digital credentials, the federal government has taken a significant step toward creating more efficiency to better serve the needs of the American people in the 21st century, Cybersecurity Coordinator Howard Schmidt says.
Instead of sabotage, as Stuxnet was used on Iranian nuclear centrifuges, Duqu is designed to gather intelligence that could help attackers mount a future digital assault on industrial control facilities.
"This guidance ... will allow the market to evaluate companies in part based on their ability to keep their networks secure," Sen. Jay Rockefeller says. "We want an informed market and informed consumers, and this is how we do it."
A class action lawsuit is seeking $4.9 billion in damages as a result of alleged privacy violations stemming from a recent health information breach affecting beneficiaries of the TRICARE military health program.
While a presidential advisory council wants to move forward quickly with using metadata tags within electronic health records, such as to indicate patient privacy preferences, another federal advisory panel is saying "not so fast."
"The CRMA will give us a heightened awareness of our responsibility in not just evaluating operational or compliance risks, but understanding strategic risks to the business," says Denny Beran of J.C. Penney.
"Given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our networks," says CISO Phillip Reitinger.