A new California law requires that organizations experiencing a data breach provide more detailed information to the individuals affected. The law, which covers breaches involving financial, healthcare and other personal information, goes into effect Jan. 1.
Executives in a variety of industries who are in charge of securing their enterprises' IT say they're more anxious about outsiders hacking into their systems than insiders - either maliciously or inadvertently - threatening their digital assets, a new survey shows.
As of Aug. 22, 306 major health information breaches affecting a total of almost 11.7 million individuals were included in the official federal tally. Fourteen incidents affecting a total of about 270,000 were added since July 22.
"The more that you could focus in on computer science topics, to understand programming, network-based technology and mobile-based technology, the better off you're going to be," says Rob Lee of SANS Institute.
Oregon state agencies are coming together to develop a centralized plan, ending a previously siloed approach, to simplify compliance with Internal Revenue Service rules to safeguard taxpayer data, says state CISO Theresa Masse.
According to FINRA, Citi's negligence in adequately supervising Tamara Moon, a former sales assistant at a Citi branch in Palo Alto, Calif., resulted in $749,978 being skimmed from the accounts of 22 Citi customers.
"There are still a lot of inexperienced people out there that are passing themselves off as experts," says Scott Laliberte, managing director of Protiviti, outlining the common challenges of penetration testing.
Trust has been a murky trait on the Internet since its inception. Remember the New Yorker cartoon? A dog, sitting by a PC, says: "On the Internet, nobody knows you're a dog." It's hard to trust what you see on the Net. That's more true today than ever.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
The FFIEC Authentication Guidance update is out, and third-party service providers need to begin reviewing their internal systems and communicating with their financial institution customers, says Wells Fargo Bank's Phil Alexander.