Business want to know whether they are potential targets for security breaches, and if so, they seek to identify the types of electric records that may be at risk.
The Trustwave 2012 Global Security Report sheds some light on these concerns by identifying top data-security risk areas. Highlights of the report include the following findings:
A few weeks ago this blog pointed out that the Department of Homeland Security’s command center regularly monitors social networking sites such as Facebook and Twitter, popular sites like Hulu, controversial sites including WikiLeaks, and news and commentary sites like The Huffington Post and Drudge Report, according to a government document.
Now, there is an indication that the Federal Bureau of Investigation is developing a web application that will have the ability to monitor social media sites like Facebook and Twitter. Such an application supposedly will give the FBI intelligence about potential security threats.
Just when you thought the state breach notification laws could not get more cumbersome, states continue to amend their breach notification laws in an effort to expand the content and reach of the notice.
Texas Amendment Requires Notification to Affected Residents in All 50 States
Texas recently amended its data breach notification law by expanding the notification requirements to cover affected non-residents. Prior to the amendment, Texas required that entities conducting business in Texas notify residents when sensitive personal information was believed to have been acquired by an unauthorized person. Continue reading The Ever Expanding Data Breach Notification Laws…
Another data breach carried out by the “hactivist” group known as “Anonymous” provides an opportunity for businesses to become reacquainted with several important data security concepts. First let’s briefly review the background of the incident.
This time Anonymous hacked the Bay Area Rapid Transit system, commonly known as BART. BART is the second largest public transportation system in Northern California and carries about 40,000 riders a day. Anonymous was able to access and steal personal information on about 2400 BART customers who utilize the myBART website to manage their accounts. The information taken was reported by Anonymous to include system user names and passwords, individual last names, addresses, and telephone numbers.
One of the most valuable assets of any company is its intellectual property. Although technology has led to great efficiencies, it has also created new exposures for businesses, particularly with respect to the protection of valuable trade secrets. One of the key tools in a litigator’s arsenal in the fight against theft of trade secrets is the Computer Fraud and Abuse Act (CFAA). It prohibits a person from intentionally accessing a computer without authorization or exceeding authorized access to obtain information, perpetrate a fraud, or cause damage. Unfortunately, the issues are not always straightforward. Issues have arisen about the extent to which a business can use the CFAA to protect its information because there are conflicting views among the courts on the meaning of “authorization.”
Whether we like it or not, information really is king. This has been true for a while now, but it is even more clearly so now. In one way or another we now depend upon digital information for almost everything: to protect us, feed us, cloth us, entertain us and, most importantly, inform us. Erosion of trust in the integrity of the information that we mutually consume and produce effects us all in ways which may not be immediately harmful, but are none the less detrimental to us collectively. Information is king, but trust is paramount in such a world.