Information security analytics

On May 30, 2009, Nevada enacted a new law, SB 227, which will basically replace NRS 597.970 in January 2010. In many ways the new law is an improvement over the much more vague, and brief, NRS 597.970. I want to focus here on an improvement, but something that still leaves much to interpretation; that is, what is meant by "encryption"? According to NRS 205.4742,

NUMEROUS LAPTOP thefts have highlighted poor corporate security practices and privacy protection in recent months. Companies however may be overlooking a source of potentially serious data leaks: employees who work at home, writes KARLIN LILLINGTON Forensics experts at the Dublin office of consultancy Ernst & Young have found evidence that prominent companies in Ireland are allowing home-based employees to download sensitive company and client data to their personal computers.

Interbank FX, LLC Ordered to Pay $200,000 and Establish Systems to Ensure the Safety of Consumer Records and Information Washington, DC – The U.S. Commodity Futures Trading Commission today simultaneously filed and settled charges against Interbank FX, LLC (Interbank), ordering Interbank to pay a $200,000 civil monetary penalty for violating rules designed to protect the confidential personal information of consumers.

On July 1, 2009, new laws will take effect in Alaska and South Carolina that will require entities that have experienced data security breaches involving personal information to notify affected individuals of the breaches. With these additions, a total of 44 states, plus the District of Columbia, Puerto Rico and the U.S. Virgin Islands, will have active breach notification laws in place. There are no breach notification laws in Alabama, Kentucky, Mississippi, Missouri, New Mexico and South Dakota.

Tokyo police Thursday arrested a former acting manager at a brokerage who was fired for stealing personal data on nearly 1.5 million customers and selling some of the information to mailing list companies. Hideaki Kubo, 44, a former acting manager at Mitsubishi UFJ Securities Co.'s systems department, has admitted to the allegations of theft and illegal computer access, police said.

The government has blocked proposals for it to collect and publish data on all NHS security breaches, GP can reveal. In a letter to ministers, written last year and released under the Freedom of Information Act, DoH director of IT implementation Richard Jeavons argued that disciplining offences was the 'responsibility of individual organisations'. 'Officials advise against starting a new national data collection where we may be required to publish, justify and explain the action taken,' he wrote.

T-Mobile is investigating a claim that a massive amount of internal data has been stolen from the telecommunication operator's servers, a company spokesman said Monday.

A recent security breach at the Park Ridge, New Jersey headquarters of Sony Card Marketing & Services Company (CMSC) affected customers who signed up for the Sony Rewards program.

VICTORIAN police are investigating a massive identity fraud involving the personal details of thousands of Australians that have been available on a blog site for more than a month.

Track this topic Print story Quest to free all world's imprisoned data continues Exclusive A lost laptop containing the personal data of 109,000 Pensions Trust members has sparked the latest in a growing list of information security breach alerts. The missing machine was stolen from the offices of NorthgateArinso, suppliers of the Pensions Trust's computerised pensions administration system, where it was being used "as a database for development, training and performance testing".