Compliance News
Friday, September 21st, 2007
Federal agent indicted for using a government database to stalk his ex-girlfriend
Jilted agent made unauthorized use of the database 163 times
-
Loss of backup tape in Ohio leads to Connecticut state lawsuit against Accenture
State of Connecticut sues for negligence and other causes
-
Apple’s Jobs is subpoenaed in stock-option scandal
SEC wants testimony in its suit against Apple’s former general counsel
-
Simple measures can’t gauge outsourcing success, experts say
Forrester Research takes a holistic approach, uses 150 different measures
-
UK defense agency hands out BlackBerries to staff members
Units can be erased remotely if stolen or lost
-
Security system doesn’t protect online firm from coordinated hacker attacks
Working in tandem from multiple IP addresses, hackers systematically milk customer credit card data from Web site
-
New PCI DSS guidelines are on the horizon for application developers
New rules would add to, rather than replace, the current set
-
Most financial institutions have suffered external security breaches, and users are typically to blame, UK survey shows
But upper management has been slow to get involved
-
Ex-CFO files for damages after dismissal for document destruction
Whistleblower or weasel, ex-exec wrestles with Sunrise Senior Living over claims of wrongful termination
-
Storm worm botnet flexes its muscle
Huge botnet has been attempting to drive anti-spam organizations off-line for weeks with denial of service attacks
-
Cybercrime now bigger than the illegal drug industry, expert says
The criminals have the upper hand as cybercrime becomes a burgeoning business bringing in $105Bn and the authorities are slow to respond
-
Daylight Savings Time poses potential problems for unpatched systems
Unpatched systems must set their clocks and "fall back" on October 28th as opposed to November 4th
-
IT Process Institute releases survey and benchmark of best practices that really work
Change management and configuration management were found to be important
-
Business managers overlook IT risk management to their detriment
IT risk management can make the business far more agile and ensure smooth change management
-
E-Health records too easy to hack, report complains
Medical users devote too little attention and money to IT security
-
European Commission claims the UK failed to properly implement one third of the Data Protection Directive
Of the 34 articles in the Data Protection Directive, the European Commission reports 11 were not satisfied by the UK Data Protection Act 1998
-
GAO says SEC investigations are floundering
Decentralization and inadequate management systems are touted
-
DHS issues preparedness investment guidelines
Regional collaboration and communications are near the top of the list
-
TD Ameritrade data breach exposes entire customer database
Intruders appear to have used the information for spam rather than identity fraud
-
Online bazaar for stolen credit card details still flourishes
$400 can get you someone else’s bank account details
-
Google calls for minimum global privacy standards
Search engine endorses principles already proposed by APEC
-
COSO publishes preliminary version of internal control monitoring guidance
Document is intended to help organizations who must comply with Sarbanes-Oxley section 404
-
DoJ workers must now use government-issued computers for telecommuting
The department bans the use of privately owned PCs and digital assistants to ensure proper encryption and monitoring for all machines used for telecommuting