On March 12 the National Security Archive at George Washington University issued their report, “The Knight Open Government Survey 2007.”
Basically the study looked at how many of the 149 U.S. government agencies they surveyed were in compliance with the provisions of the Electronic Freedom of Information Act (EFOIA) here at the 10 year anniversary of the Act going into effect.
Posts Tagged ‘risk management’
Most U.S. Government Agencies Still Not E-FOIA Compliant 10 Years Following Enactment; Disregard for Laws Also Leads to Disregard for Security Requirements
Wednesday, March 21st, 2007Iowa Breach Notification Bill; Emphasizes Need for Documented Security Policies and Breach Plans & Establishes “Identity Theft Passport”
Tuesday, March 20th, 2007An omnibus data security bill, H.F. 655 was introduced March 5 in the Iowa House by representatives Beth Wessel-Kroeschell (D) and Paul Shomshor (D).
Iowa Breach Notification Bill; Emphasizes Need for Documented Security Policies and Breach Plans & Establishes “Identity Theft Passport”
Tuesday, March 20th, 2007An omnibus data security bill, H.F. 655 was introduced March 5 in the Iowa House by representatives Beth Wessel-Kroeschell (D) and Paul Shomshor (D).
Trying To Determine Actual Numbers of Privacy Breaches Since 1980; An Exercise in Futility?
Wednesday, March 14th, 2007Today a press release caught my eye, “Hackers get bum rap for corporate America’s digital delinquency.”
Hmm…sounds interesting. Let’s see what is behind this nicely-hooking title.
Preventing Data Leakage Through Email and Instant Messaging
Tuesday, March 13th, 2007Incidents continue to accumulate and hit the daily headlines. Many of them involve the loss of sensitive information through some type of messaging activity. The losses can have devastating impacts to business.
The messaging-related incidents are sometimes technology-based, such as social-engineering tactics through instant messaging (IM) communications, sometimes they pre-meditated malicious activities, and sometimes they are just plain ol’ “OOPS!! What the heck did I just do!!!!???” types of situations.
“Protecting Personal Information: A Guide for Business”: Free from the FTC
Thursday, March 8th, 2007Today the U.S. Federal Trade Commission (FTC) released a 24-page guide, “Protecting Personal Information: A Guide for Business”
Within the guide the FTC advises businesses to protect personally identifiable information (PII) through the following actions:
How Access Management Compliance Supports Good Business
Thursday, March 8th, 2007Many business leaders I speak with now have great concern for data protection law and regulation compliance, which is certainly prudent. However, often when digging into the details of their compliance plans and activities, I find most of the effort and budget is going towards initiatives for firewall and perimeter protection, with increasing implementations for encryption.
New Benchmark Research Report Released Today from IT Policy Compliance (ITPC): “Taking Action to Protect Sensitive Data”
Wednesday, March 7th, 2007Today IT Policy Compliance released a new benchmark research report, “Taking Action to Protect Sensitive Data.”
I had the great oppportunity to not only have a sneak peak at the report, but also to speak yesterday about the report with Jim Hurley, the Managing Director for IT Policy Compliance who authored the report, and Heriot Prentice, Director of Technology at The Institute of Internal Auditors (IIA) which is one of the sponsors for the IT Policy Compliance site.
How Good are the Security Practices for “America’s Most Admired Companies 2007”?
Tuesday, March 6th, 2007Yesterday CNN reported the results of the FORTUNE 2007 survey of business people for the companies, in any industry, they admired most.
The rankings were based upon 8 key score areas:
