Yesterday I highlighted that organizations must consider the value of information based on the party that possesses it, i.e. If the information was made available to anyone - what could they do and how bad would the impact be to your organization?
Today’s Wall Street Journal had an article entitled “Another Liechtenstein Bank Suffers Theft of [...]
Entries Tagged as 'Identity Theft'
Article: Blackmail payments for stolen client data
February 21st, 2008 · No Comments
Tags: Fraud · Human Resources · Identity Theft · Risk Awareness
Weak Principle Controls are Cause of Security Breaches
February 4th, 2008 · No Comments
Remediation and corrective action are part of the lessons learned when a negative event (security breach, fraud, etc…) occurs within an organization. It is regarded as best practice to learn from one’s own mistakes, and an even better practice to learn from OTHER’s mistakes. In either case understanding what controls may address the situation on [...]
Tags: Access and Authorization · Identity Theft · Logical Access · PCI · Physical Access · Risk Awareness · Technology Intelligence · iso27001
Settled Identity Theft Complaints with the FTC
January 31st, 2008 · No Comments
A constant challenge for organizations is measuring the potential impact and consequences of mandated regulations. The weighting of compliance initiatives based on such consequences is not best practice, but is common. The need to demonstrate a true cost benefit analysis is dependent upon, in part, to the actual follow through and enforcement of [...]
Tags: FTC · GLBA · Identity Theft · Risk Awareness · Technology Intelligence · Technology Strategy Orchestration
