Organizations are starting to adapt to cloud computing, but they're hesitant about placing their core assets in the online environment, according to results from the 2011 ISACA IT Risk/Reward Barometer.
Danish pharmaceutical company Novo Nordisk Inc. has agreed to a $1.725 million civil settlement agreement to resolve allegations that the company accessed and misused private patient information and filed false or fraudulent Medicaid claims.
Some organizations hesitate to involve law enforcement in their breach investigations for fear that exposing the hack would cost them their reputations and money. A Justice Department contingent tells a gathering of lawyers why that impression is wrong.
The legislation sponsored by Senate Judiciary Chairman Patrick Leahy would nationalize data breach notification and stiffen penalties for those who fail to notify law enforcement and individuals of a data breach.
The Federal Deposit Insurance Corp. has fallen victim to another phishing attack, according to an e-mail alert sent out to customers. This newest attack entices consumers to click a link for details about "important information from your financial institution."
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?
The House Subcommittee on Commerce, Manufacturing and Trade heard from Sony and Epsilon about breaches that adversely affected consumer information. Both companies support a national data security and breach notification law.
Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
The same approach governments and businesses employ to protect individuals from the dangers of secondhand smoke could be applied to safeguard cyberspace, says Scott Charney, Microsoft's vice president of trustworthy computing, engineering excellence and environmental sustainability.