Institutions can learn a great deal from Japan's disaster planning and response. But security expert Mark Lobel of PricewaterhouseCoopers says this growing crisis also teaches us: "Even the best laid plans only go so far."
When the business demands the latest tools and technologies, saying "no" is not a viable option. "Clearly, these are disruptive things, but they also are extremely valuable," says Simon Godfrey, Director, Security Solutions at CA Technologies UK.
Australia's government agencies can learn a lot from the nation's banks, when it comes to risk management and protecting privacy, says Graham Ingram, General Manager of the Australian Computer Emergency Response Team. "There are too many people in government organisations who are in denial [of risks]," he says.
Developing enterprise risk management processes is one challenge for Asian banks. But following these processes is quite another, says Peter Koo, partner, Enterprise Risk Services, at Deloitte Touche Tohmatsu in Hong Kong.
Responding to today's cyber attacks isn't the challenge for Indian banking institutions. But prosecuting these crimes is, says KK Mookhey, a security expert with deep banking experience. Current laws just don't serve as enough of a deterrent for attackers.
Cobit, ITIL, ISO, NIST, an alphabet soup of standards governments often rely on to assure the safety of their IT systems. Ohio government IT leaders saw standardizing on one framework to be a more efficient way to help safeguard IT.
Disaster recovery expert Regina Phelps says Japan's nuclear emergency puts local citizens at risk, but organizations globally can learn from the crisis. "I hope that all of us look at this and ask, 'What can I do to be better prepared?'"
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Insurer Health Net is notifying 1.9 million individuals that their healthcare and personal information may have been breached as a result of nine server drives missing from a California data center managed by IBM.
The Internet is inherently insecure, and the only way to ensure today's evolving information systems is to build them upon three pillars of trust. This is the premise of Mike Ozburn, Principal at Booz Allen Hamilton, which has just authored a new white paper about these pillars.
Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.