Despite documents showing the U.S. National Security Agency has infiltrated North Korean networks, security experts continue to doubt the country orchestrated the cyber-attack on Sony Pictures.
Recent reports alleging that the National Security Agency has infiltrated North Korean networks and collected evidence connecting the country's leadership with the attack on Sony Pictures Entertainment should have settled the question of who was responsible for the brazen breach of the Hollywood studio's data assets. Yet, doubts persist.
Sixty percent of organizations have increased their security spending by one-third -- but many security managers still don't think that's enough, Ponemon study finds.
Mega-breaches like those at Target and Sony are good for one thing: they help security departments get greater buy-in and bigger budgets from the powers that be. In the wake of the Target breach, 61 percent of organizations increased their security budgets by an average of 34 percent in 2014, according to a study released today, conducted by the Ponemon Institute on behalf of Identity Finder, LLC.
"We see compliance going down day by day, month by month, after the assessment," said Rodolphe Simonetti, managing director for Verizon's compliance consulting. "Compliance is supposed to be supporting security, not just a yearly checklist."
The Payment Card Industry Data Security Standard has 12 main requirements. The most likely to go unmet between audits? The requirement to maintain a firewall and making sure that there is a strong network protection later, said Simonetti.
This is Copyright Week, in which various people supporting more reasonable copyright laws highlight some of the problems with existing laws and important concepts that should be in copyright reform efforts. Today's topic is "you bought it, you own it," -- a concept that is often held back due to bad copyright laws. A few months ago, a bill was introduced in Congress called YODA -- the You Own Devices Act -- which would allow the owner of computer hardware to sell the devices with the software on it without creating a copyright mess.
While the world is laughing at UK PM David Cameron for his pledge to ban encryption, Australia is on the way to implementing legislation that could feasibly have a similar effect.
Moreover, the little-debated Defence Trade Control Act (DTCA) is already law - it's just that the criminal sanctions it imposes for sending knowledge offshore without a license are being phased in, and don't come into force until May 2015.