Ratan Jyoti, Chief Manager (Information Security), Vijaya bank, writes: … In last year or two, there has been a sudden spurt in data theft in Indian banks. It is estimated that Indian Banks are directly losing a significant part of their income due to data theft. In terms of reported incidents, the figure of loss…
Category: Commentaries and Analyses
LabMD ruling should be a wake-up call for FTC data security enforcement
For another informed perspective on the impact of the initial decision in FTC v. LabMD, I’d strongly encourage this site’s readers to read Gus Hurwitz’s thought-provoking analysis and commentary on TechPolicyDaily.com. Here’s a snippet: … Judge Chappell had none of the FTC’s argument. “The term ‘likely’,” he tells us, “does not mean that something is merely…
New York Department of Financial Services Previews Rigorous Cybersecurity Rules for Financial Sector
H. Deen Kaplan, Harriet Pearson, Timothy Tobin, and Stephanie Handler write: On November 9, 2015, Anthony Albanese, Acting Superintendent of the New York State Department of Financial Services (NYDFS), issued a letter to a wide array of federal and state financial services regulators that are part of the Financial and Banking Information Infrastructure Committee (FBIIC)….
FTC v. LabMD: A bad case and a questionable decision, but the right outcome
As I reported last Friday, FTC’s Administrative Law Judge D. Michael Chappell dismissed FTC’s enforcement action against LabMD, explaining that the regulator failed to meet the injury prong of the unfairness test under the FTC Act. The FTC issued a press release about the decision yesterday. The decision was noteworthy for two reasons. It was the first data security enforcement…
Ca: Prince Edward Island’s Workers Compensation Board reports 47 privacy breaches in 4 years
CBC News reports: P.E.I.’s information and privacy commissioner is recommending changes to prevent breaches at the Workers Compensation Board after 47 breaches to personal privacy were reported in a four-year period. Privacy Commissioner Karen Rose started investigating after a WCB client complained in 2010 some of his medical information was mailed to an unrelated third…
INFORMATION SECURITY: Department of Education and Other Federal Agencies Need to Better Implement Controls – GAO
From a newly released GAO report: Cyber-based risks to federal systems and information can come from unintentional threats, such as natural disasters, software coding errors, and poorly trained or careless employees, or intentional threats, such as disgruntled insiders, hackers, or hostile nations. These threat sources may exploit vulnerabilities in agencies’ systems and networks to steal…