"Given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our networks," says CISO Phillip Reitinger.
"I think the New York Stock Exchange was probably prepared for this sort of thing anyway," says security researcher Wendy Nather. "One threat, more or less, is not going to make a difference in the security measures they have in place."
The Department of Homeland Security is undertaking nine private and three public cloud computing initiatives, establishing private cloud services to manage sensitive but unclassified information while using the public cloud for non-sensitive data.
These arrests also highlight the U.S. vulnerability to crimes involving payment cards with magnetic stripes. "The U.S. is a criminal's playground right now," says John Buzzard of FICO Card Alert Service.
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
"Organizations are putting in layers of security and tools to safeguard information and assets, however, the fraudsters are attacking our weakest link, the consumer," says Anthony Vitale of Patelco Credit Union.
UBS's $2 billion loss to rogue trading provides lessons for all banks. What's missing in today's financial institution culture is a balance between profits, ethics and governance, says risk management expert Frances McLeod.