RSA Breach: A CISO's Action Items

How One RSA Customer Is Stepping Up Monitoring
Terrell Herzig, CISO at UAB Medicine, speaks out on steps steps he's taking in the wake of the RSA SecurID attack.In the aftermath of the attack against RSA's SecurID, UAB Medicine is stepping up its vigilance in reviewing Authentication Manager logs to look for such activity as a high number of failed attempts to authenticate, Herzig notes.

The Birmingham, Ala.-based academic medical center has 2,000 users of SecurID tokens, which it's been using for more than 10 years. It's making the transition from hardware-based to software-based tokens for those remotely accessing clinical information systems.

In an interview, Herzig:

  • Points out that UAB will cut back on handing out new tokens in the short-term, focusing only on those that are "absolutely necessary for our clinical staff."
  • Advises SecurID clients to educate end-users about such issues as never revealing their token serial numbers, PINs or passwords and avoiding falling for social engineering gimmicks, such as clicking on a URL in an e-mail and being redirected to a site that asks for credentials.
  • Stresses that UAB segments its infrastructure so that the Authentication Manager database runs on secure servers protected by multiple firewalls. Plus, UAB gives only a limited number of staff members access to the authentication servers.
  • Says he's looking forward to learning what remediation steps RSA will take to restore any security measures that have been compromised.

In addition to serving as information security officer at UAB Medicine, Herzig is the HIPAA security officer. He heads a team of three security specialists at the delivery system, which includes a 1,000-bed hospital and numerous outpatient facilities throughout the state. He was editor the book, "Information Security in Healthcare: Managing Risk," published by the Healthcare Information and Management Systems Society.

Herzig also is the featured speaker in a webinar on developing a policy for protecting information on mobile devices.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.