Cyber Security Audit Spanks Department of Interior | Government Tech | ITBusinessEdge.com - 0 views
-
The report goes on to say that IT and cyber security governance at the
department is inefficient, wasteful and lacks accountability
In preparing for this Insight, I read an enlightening article
published by the Society for Human Resource Management (SHRM) in its August 2008
issue of HR Magazine titled, "Out of the Breach: Reduce the Risk of Litigation
and Build Confidence in Data Handling by Becoming a Privacy Champion." In this
cover story, senior writer Rita Zeidner presents a case for building a "culture
of privacy" in the workplace. According to Zeidner, privacy experts recommend
training, along with taking other precautionary steps, as the best defense for
avoiding breaches of privacy.
Finally employers should train employees so they know how to
recognize threats to the security of protected data and report suspicious
activities. If employees cannot attend and participate in this training, their
access to such information should be blocked until they attend the training.
Once employees are trained, and as a way to encourage and reinforce these
behaviors, employers should publicly acknowledge and reward employees who alert
the company of potential problems.
There are at least two Facebook "change-your-password" scams circulating in
spam. Here's the first one. It tries to lure you to a malicious site to steal
your Facebook login information.
Corporation, a global leader in enterprise data protection, has announced the
results of the third annual study by The Ponemon Institute, identifying the
steps UK organisations are taking in order to safeguard their confidential data.
The 2009 Annual Study: UK. Enterprise Encryption
Trends study, which polled IT security professionals at 615 enterprises and
public sector organisations, found that 70% of UK organisations have been hit by
at least one data breach incident within the last year, up from 60% in the
previous year. The number of firms experiencing multiple breaches was also up,
with 12% of respondents admitting to more than five data loss incidents in the
twelve month period (up from 3%). Less than half of these breaches (43%) were
publically announced; there was no legal or regulatory requirement to disclose
the remaining 57% of incidents.
"There's a lot of business sophistication," said Patrick Peterson, Cisco
fellow and chief security officer. "Cybercriminals are taking a lot of Harvard
Business School approaches, making them very difficult to combat, and it really
does increase their success rate and the impact they have on us."