Company News
Direct Computer Resources CEO Joseph Buonomo Announces Industry/Government Program to Address Economics for Cyber Security.
Washington, D.C. (April 5, 2010) —The American National Standards Institute (ANSI) and the Internet Security Alliance (ISA) released a new report and program designed to assist private sector organizations to better analyze the true economic costs of cyber incidents and a pragmatic program to prevent and mitigate these attacks at the National Press Club on March 31st. ... Read More
Direct Computer Resources, Inc., Outlines Cyber Security Policy Implementation at National Press Club, White House Meetings.
Washington, D.C. (December 3, 2009) — In the company of Internet Security Alliance (ISA) Board Members, Direct Computer Resources President and CEO Joseph Buonomo detailed how the Obama Administration can best implement comprehensive policies to create a sustained system of cyber security during a news conference at the National Press Club on December 3 and in meetings with senior White House staff. ... Read More
(Dec. 3, 2009) — DCR President and CEO Joseph Buonomo addresses the National Press Club about Cyber Security with ISA President Larry Clinton (seated, right).
Safety Act: U.S. Department of Homeland Security Designates DataVantage Global Software as a Qualified Anti-Terrorism Technology.
DCR meets with Rep. Bennie Thompson, Homeland Security Committee Chairman
(June 2009) — As part of a recent Internet Security Alliance Board Meeting, Direct Computer Resources President and CEO Joseph Buonomo greeted Rep. Bennie Thompson (D-Miss.), Chairman of the Homeland Security Committee. DCR officials also spent time discussing cyber security issues with Rep. Anthony Weiner (D- NY); Rep. Jim Langevin (D-RI); Sen. Joseph Lieberman (ID-CT); and Rep. Mac Thornberry (R-TX).
Industry Headlines
Privacy Matters: When Is Personal Data Truly De-identified?
New rules possible for patient de-identification. — The U.S. Department of Health and Human Services (HHS) is about to rule whether health care entities will need to notify patients if their de-identified data — patient data that has been stripped of all potential for identifying individuals, which is often used for research and development — is breached. ... Read More
Databases' Most Serious Vulnerability: Authorized Users
New Dark Reading report outlines threats posed to databases by end users — and how to protect your data — While today's headlines might be full of compromises and SQL injection attacks, most database leaks are still caused by end users who have legitimate access to the data, experts say. Yet, according to "Protecting Your Databases From Careless End Users," a new report published today by Dark Reading, many enterprises still don't do enough to protect data from accidental leaks or insider theft. ... Read More
850,000 Doctors Could Be Hit by Potential Data Breach from Insurer's Stolen Laptop
AMA has asked the BlueCross BlueShield Assn. to meet regarding the data breach — A missing computer belonging to a BlueCross BlueShield Assn. employee also includes Social Security numbers of more than 100,000 physicians — and all the data are unencrypted. ... Read More
And You Thought a Prescription Was Private
Obama administration to strictly enforce new rules that will plug some gaping holes in our federal health privacy laws. — Prescriptions, and all the information on them — including not only the name and dosage of the drug and the name and address of the doctor, but also the patient's address and Social Security number — are a commodity bought and sold in a murky marketplace, often without the patients' knowledge or permission. ... Read More
CEOs Underestimate Security Risks, Survey Finds
Top executives were less aware of specific security incidents at their companies than other C-level executives, and are more confident that data breaches can be easily avoided. — The Ponemon survey of 213 CEOs, CIOs, COOs and other senior executives reveals what appears to be a perception gap concerning information security issues between CEOs and other senior managers. ... Read More
Credit Crunch Crunches Data Security
Data Quality News, UK: Credit crunch could lead to data quality breach. — The credit crunch has resulted in increasing volatility in the financial sector prompting a technology expert to warn companies to go to greater lengths to prevent the compromise of data quality and security. ... Read More
Data Loss a Pricey Blunder
Denver Post: Your brand and reputation may be seriously compromised. — Initial costs of a security breach might amount to $90 to $305 per person, and that doesn't include the cost of subsequent lawsuits. ... Read More
Theft of Personal Data More Than Triples in 2008
USA Today: Thieves direct their resources to weak links. — Sensitive personal data is being systematically stolen from companies, government agencies, colleges and hospitals. ... Read More
A Chronology of Data Breaches
Privacy Rights Clearinghouse: Data breaches in the U.S. — Over 230 million data records of U.S. residents have been exposed due to security breaches from January 2005 through June 2008. ... Read More
Businessweek (6/11/2010) — The Data Privacy Threat.
Few organizations are equipped to deal effectively with new threats, rules and regulations. Here's what the Corporate Executive Board suggests they should do about it. ... Read More
Resources and Downloads
ISA/ANSI CyberRisk for CFO’s Free Report Available
The ISA/ANSI Free Report — "The Financial Management of Cyber Risk: An Implementation Framework for CFOs" (free registration required). Industry standard-bearers discuss the risks and associated costs tied to much-needed data security measures. Download Here.
The Business Justification for Data Security
Securosis data privacy chief analyst Rich Mogull discusses the evolution from “noisy” to “quiet” security threats affecting company data and the budgetary competition that challenges required security measures. Mogull adds details on how to build a justification model to help determine where, and how much, to invest in protecting your information assets. ... Download Here
The Economic Consequences of Cyber Attacks: An Interview with Scott Borg
Scott Borg, director and CEO of the non-profit US Cyber Consequences Unit, is a leading expert on the economic impact of cyber attacks. In this incisive interview, he discusses the economic impact of cyber attacks, increasing public-private entity cooperation, and his advice for IT professionals. ... Read More
Bank Information Security (6/4/2010): What You Need to Know about Data Privacy (Interview with Brian Hengesbaugh, Partner with Baker & McKenzie)
Global data privacy attorney Brian Hengesbaugh, discusses top security/privacy issues for organizations today, the greatest global challenges for US-based firms, and what organizations can do now to ensure greater compliance. ... Read More
FierceHealth Finance (5/19/2010): Action Steps CFOs Can Take to Boost Data Security
Healthcare CFO’s must work more effectively with IT to secure data. ... Read More
Digital Transactions (6/4/2010): Study Quantifies the Heavy Damage of Card Data Breaches
A new study estimates credit and debit card issuers spent $252.7 million in 2009 replacing more than 70 million cards compromised by data breaches. ... Read More
CyberSecurity (5/14/2010): The U.S. Legislative Agenda: Melissa Hathaway Presentation on Pending Legislation – A Summary with Very Brief Perspective
A very detailed review of pending legislation affecting data privacy issues. Which will affect your business operations? ... Download Here
United States Cyber Consequences Unit: Cyber Security Checklist
Economically Complex Cyberattacks (IEEE Security & Privacy)
The Economics of Loss (Enterprise Information Security and Privacy)
ZDnet, UK (5/28/2010): Europe Seeks New Data Privacy Deal with US
The European Commission has moved forward in its plans to negotiate a data-protection deal with the US that would safeguard EU citizens' personal information when it is transferred to the US in the course of criminal or anti-terrorist investigations. ... Read More
Patient Data Is at Risk: Do You Call IT?
Many CFOs think that the IT department should handle data security and don't realize that the issue falls under their purview. However, the report, “The Financial Management of Cyber Risk: An Implementation Framework for CFOs,” from the Internet Security Alliance and the American National Standards Institute makes clear that financial professionals are in a prime position to provide the facility-wide strategic leadership required to secure patient data. ... Read More
Melissa Hathaway's Nine Cybersecurity Bills to Watch (Government Information Security Magazine)
Melissa Hathaway, who led President Obama's 60-day cyberspace review last year, has now become involved in a variety of IT security ventures. In this article, she offers a review and analysis of nine key pieces of legislation to watch. ... Read More
A Breach too Far (Information Security Magazine, free registration required)
How much do data breaches really damage organizations financially – and why don’t we want to hear about it? ... Read More
Heartland in $41.4M Settlement with MasterCard (Associated Press/Forbes)
The story continues: Hackers installed spying software on Heartland's computer network in 2008, giving them access to data on the systems that process Visa, MasterCard, American Express and Discover Card transactions. The settlement will cover alleged losses MasterCard issuers took as a result. ... Read More
Data-Breach Risks Rise With Social Networking, Mobile-Payment App Use (American Banker)
The fast growth of social-networking sites containing users' personal information is drawing concern from some payment data-security experts who say the risk of exposing consumers' sensitive data is rising ... Read More
Rich Mogull: "The Five Laws Of Data Privacy"
Securosis analyst Rich Mogull discusses five key points of Data Masking ... Read More
Firms Look to Corporate Security Experts to Combat Fraud
Goldman Sachs exec took propriety computer programs that the financial giant uses to make rapid trades in the financial markets ... Read More
Data Privacy Expert Rebecca Herold Shares Critical Information via Podcast
Herold’s podcasts convey critical information about using production data for testing and masking and de-identification methods... Read More
Preventing Data Theft
Fifty-nine percent of laid-off staff admitted to stealing confidential information.... Read More
