Commentaries and Analyses – Page 771

Another week, another round of Congressional questions and posturing?

Posted on February 29, 2012 by Dissent

How many data breach investigations can one Congress initiate without actually doing anything? What is the point of asking Grindr questions about its security? Hasn’t Congress heard enough by now to know that most companies and apps do not implement adequate security despite what they say on their sites? What, if anything, does Congress intend…

‘Anatomy of an Anonymous Attack’ laid bare by Imperva

Posted on February 28, 2012 by Dissent

Sophie Curtis reports: Security firm Imperva has published a detailed analysis of an attack by Anonymous on one of its customers, providing new insight into how the hacktivist group operates, and highlighting the need for better application layer security. According to The New York Times, the target in question was the Vatican, although Imperva has declined…

Ie: DataSolutions survey reveals 14,000 firms had data compromised

Posted on February 23, 2012 by Dissent

David Richardson reports: A new survey published today by DataSolutions, Ireland’s leading value-add IT distributor, found that 14,000 Irish businesses have had their data compromised. Over 200 Irish IT executives were quizzed, and the survey examined their main security concerns. It was split into two parts, intrusion prevention from external threats and data loss caused…

Why Data Security Regulation is Bad

Posted on February 13, 2012 by Dissent

Danny Lieberman comments: The first government knee-jerk reaction in the face of a data breach is to create more government privacy compliance regulation. This is analogous to shooting yourself in the foot while you hold the loaded weapon in one hand and apply band-aids with the other. Democracies like Israel, the US and the UK…

Senate in search of consensus on data breach notification law may try a backdoor approach

Posted on February 9, 2012 by Dissent

Tony Romm writes: Congress failed to pass a new federal law last year requiring the litany of companies affected by data breaches — from gaming giant Sony to shoe e-tailer Zappos — to notify consumers. But now some lawmakers believe they have a new route for passage: the Senate’s upcoming cybersecurity reform bill. Read more…

Data breach notification proposal placed on Senate calendar

Posted on February 7, 2012 by Dissent

Senator Feinstein’s proposed data breach notification law, Data Breach Notification Act of 2011 (S. 1408) has been placed on the Senate Legislative Calendar under General Orders. Calendar No. 310. The bill, which I have criticized in both its past and current incarnations is an incredibly weak bill that would provide little information to affected consumers, uses vague…