Australia's government agencies can learn a lot from the nation's banks, when it comes to risk management and protecting privacy, says Graham Ingram, General Manager of the Australian Computer Emergency Response Team. "There are too many people in government organisations who are in denial [of risks]," he says.
Developing enterprise risk management processes is one challenge for Asian banks. But following these processes is quite another, says Peter Koo, partner, Enterprise Risk Services, at Deloitte Touche Tohmatsu in Hong Kong.
Responding to today's cyber attacks isn't the challenge for Indian banking institutions. But prosecuting these crimes is, says KK Mookhey, a security expert with deep banking experience. Current laws just don't serve as enough of a deterrent for attackers.
Cobit, ITIL, ISO, NIST, an alphabet soup of standards governments often rely on to assure the safety of their IT systems. Ohio government IT leaders saw standardizing on one framework to be a more efficient way to help safeguard IT.
Disaster recovery expert Regina Phelps says Japan's nuclear emergency puts local citizens at risk, but organizations globally can learn from the crisis. "I hope that all of us look at this and ask, 'What can I do to be better prepared?'"
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Insurer Health Net is notifying 1.9 million individuals that their healthcare and personal information may have been breached as a result of nine server drives missing from a California data center managed by IBM.
The Internet is inherently insecure, and the only way to ensure today's evolving information systems is to build them upon three pillars of trust. This is the premise of Mike Ozburn, Principal at Booz Allen Hamilton, which has just authored a new white paper about these pillars.
Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.
Nearly 8 of 10 hard drives tested contained tax returns, Social Security numbers, names of children placed in foster homes, passwords and child abuse documentation, an audit by New Jersey authorities reveals.