Australia's government agencies can learn a lot from the nation's banks, when it comes to risk management and protecting privacy, says Graham Ingram, General Manager of the Australian Computer Emergency Response Team. "There are too many people in government organisations who are in denial [of risks]," he says.
Cobit, ITIL, ISO, NIST, an alphabet soup of standards governments often rely on to assure the safety of their IT systems. Ohio government IT leaders saw standardizing on one framework to be a more efficient way to help safeguard IT.
Insurer Health Net is notifying 1.9 million individuals that their healthcare and personal information may have been breached as a result of nine server drives missing from a California data center managed by IBM.
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.
Nearly 8 of 10 hard drives tested contained tax returns, Social Security numbers, names of children placed in foster homes, passwords and child abuse documentation, an audit by New Jersey authorities reveals.
"We are training organizations to become more security focused and get them away from the check box mentality," says Jeremy King of the PCI Security Standards Council, describing the group's new approach to increasing PCI awareness globally.