Because of the capital and operational costs of deploying SecurID, it is almost always used to protect access to businesses' most valued assets and high-value transactions, Pironti says, so anything protected by it is a likely target.

He leans toward believing the thieves stole something fundamental to how SecurID works, not something that could be used against particular customers or particular environments. Otherwise RSA would have kept the incident low-key, contacting only those customers affected. The general announcement indicates that any SecurID customer faces a new risk, he says.

He says he hasn't heard about any increase in compromised networks that are protected by SecureID. "There haven't been spikes in public breach activity," he says.

Pironti has been telling his clients that stealing core security technology is a prime target of attackers because that can undermine the security of vast amounts of data and transactions. "It's a great business opportunity from a hacker's standpoint," he says.

in Network World's Wide Area Network section.