Seven in ten UK organisations experienced a data breach incident over the last year, up from 60 per cent in the previous year. The third edition of an annual survey by the Ponemon Institute, sponsored by PGP, also found that 12 per cent of 615 public and private sector organisations probed were hit by five…
Category: Commentaries and Analyses
State Dept lost track of its laptops
The State Department does not have an accurate accounting of its laptop computers, including ones meant for classified use, and has failed to encrypt machines as it is supposed to do to protect sensitive information, according to a new report by the department’s inspector general. Inspectors found that 27 laptops, worth $55,000 were missing out…
SSN Relatively Easy to Predict
Over on PogoWasRight.org, I’ve posted about a study released by researchers Alessandro Acquisti and Ralph Gross of Carnegie Mellon University. The study has significant implications for the use of SSN and for protecting against identity theft, even though a government spokesperson responded by seemingly downplaying the findings and their implications. If you would like to…
What About Former Employees?
When the Tyco Flow Control Americas office at in Houston was broken into over the weekend of June 6 and 7, burglars stole the Payroll Manager’s laptop computer and gained access to locked rooms that contained payroll and HR documents of current and some former employees. According to a letter sent by Holly Kriendler to…
NV’s New Encryption Law Made Moot?
Rebecca Herold of IT Compliance has a commentary on Nevada’s new encryption law and whether the state’s data breach law makes the encryption law moot. It begins: On May 30, 2009, Nevada enacted a new law, SB 227, which will basically replace NRS 597.970 in January 2010. In many ways the new law is an…
A Treasure Trove For Hackers
Forensics experts at the Dublin office of consultancy Ernst & Young have found evidence that prominent companies in Ireland are allowing home-based employees to download sensitive company and client data to their personal computers. Second-hand computer hard drives containing sensitive information – including hundreds of customer bank, Laser and credit-card account details, car registration information,…