George Hulme recently wrote about an anticipated WikiLeaks exposure of Bank of America files and used Bank of America’s attempts to prepare for the disclosures as an opportunity to discuss how to respond to a breach. George writes, in part: The idea isn’t to bury the news, or prepare executives how to lie, but to…
Category: Commentaries and Analyses
NIST formalizes cloud computing definition, issues security and privacy guidance
George V. Hulme writes: Last summer, Federal Chief Information Officer Vivek Kundra asked the National Institute of Standards and Technology (NIST) to help accelerate the federal government’s secure adoption of cloud computing by leading efforts to develop cloud standards and guidelines. And NIST just delivered. The agency published two new draft documents on cloud computing. The first…
Data breaches triple in space of a year
The Irish Independent reports: Incidents of data breaches tripled last year, with more than 400 instances reported, according to the Office of the Data Protection Commission. A number of probes have been launched into civil servants suspected of accessing information about individuals out of curiosity, or for profit. But some data leaks out through human…
Losing Data Must Be Easier Than Misplacing a Piano
Bart Porter writes: Days ago, before the tale of a mysterious piano that appeared on a secluded sandbar in Miami’s Biscayne Bay went viral and everyone from condo residents to the U.S. Coast Guard were questioning where it came from, I had a similar question in mind: How does somebody lose a grand piano? Grand…
ACH Fraud on Trial: EMI v. Comerica
Tracy Kitten writes: Michigan-based Experi-Metal Inc. and Comerica Bank headed to court this month. Their case is the first major corporate account takeover incident to actually go to trial. The two parties now appear before the U.S. District Court of Michigan to debate how much responsibility EMI should assume for the takeover of its bank…
Pointer: A critique of Ponemon Institute methodology for “churn”
I’m delighted that Adam Shostack has posted a critique of a study that is often cited as support for the claim that data breaches cause brand harm: Ponemon’s US Cost of Data Breach Study. As background, some of us have been discussing on Twitter, blogging, and otherwise debating whether data breaches do, in fact, cause…