Secretary of Homeland Security (DHS) Michael Chertoff appointed Gregory Garcia as the nation's new cyberczar, filling the position last held by Amit Yoran in 2004.

Garcia had previously served as vice president for information security policy and programs at the Information Technology Association of America, an 11,000-member trade group representing the nation's IT industry.

Garcia had also helped draft the Cyber Security Research and Development Act of 2002 — a bill that created cybersecurity research centers and college grant programs.

The cyberczar post replaced the position of director of the National Cyber Security Division.

 

Widespread laptop encryption in both the public and private sectors is just the top prediction by the SANS Institute in its most recent Top 10 list.

Targeted attacks against government agencies and the private contractors that do business with them are also forecasted, as are more widespread attacks by foreign governments and terrorist sects.

The report also claims that cell phone worms will infect at least 100,000 phones via wireless data networks, and that voice over IP systems will be the targets of cyberattacks.

 

CA announced an unusual guarantee to users of its security products, promising to pay customers if they are the victims of virus infections or identity theft.

The new warranty program is to be offered with the newly released CA Internet Security Suite 2007.

Administered by the Warranty Corporation of America (WaCA), the company will pay ID theft victims up to $5,000 if they have purchased the product and registered for WaCA's Mobile Lifeline software. That sum can be used to pay for lost wages, legal fees, re-filing applications and fixing credit reports.

 

A laptop containing the names and Social Security numbers of about 50,000 General Electric employees was stolen from a locked hotel room.

The Fairfield, Conn.-based company said the employee handling the laptop was authorized to be in possession of the data, and the thief appeared to be after only the laptop.

GE mailed notifications to affected employees, offering them a free year of credit monitoring service.

 

Microsoft endured a hectic week-long stretch that saw the software giant release an early patch for a flaw in the processing of vector markup language in Internet Explorer.

At the same time, Microsoft warned users about public exploit code for newly discovered flaws in Internet Explorer and PowerPoint.

The debate over third-party patches also re-emerged, as the Zeroday Emergency Response Team (ZERT) released unofficial fixes for multiple Microsoft flaws.