Discussion: A massive cyberattack earlier this year affected 760 major companies that were using RSA’s SecurID tags. Many of the affected companies are just finding out that their security had been breached. This kind of breach, called an “advanced persistent threat”, can go on for years undetected and aims at gaining access to sensitive information that can be sold in the future.
Date: October 28, 2011
- Should it be a requirement for companies to disclose when their security has been breached, regardless of whether or not customer information has been compromised?
- Why does it sometimes take companies months or years to discover a security breach?