Friday, May 13, 2011

Obama administration tightens penalties for computer/data breaches. Finally!


I have been blogging and writing and speaking out for almost three years on this topic. If we expect companies to more computer and Internet security (including cloud computing security) up higher on their list of corporate priorities there need to be rewards (trust, reputation, good will, and happier customers) and serious penalties for neglect.

Sounds like Washington finally read my emails, blogs and pleas! (Photo courtesy the The White House, 2011)

"Almost two years after outlining a broad strategy intended to strengthen the security of the nation’s computers and networks, the Obama administration said Thursday that it was sending proposed legislation to Congress that would strengthen penalties for any invasion of private computer systems."

Read the entire article at the NY Times (assuming that you can still get in there now that we have to pay! ).

Here is the CNET version of this which is also very good.

"The White House today sent Congress a proposed cybersecurity law designed to force companies to do more to fend off cyberattacks, a threat that has been reinforced by recent reports about vulnerabilities in systems used in power and water utilities.

This proposal seems designed to prod the legislative branch to enact by the end of the year some variety of cybersecurity legislation, which has been stalled by concerns about privacy, Internet "kill switches," and overreaching regulation. One proposal from Sen. Jay Rockefeller (D-W.V.), for instance, would have explicitly given the government the power to "order the disconnection" of specific networks or Web sites"

Identity and Information Protection Certification from Iowa State University

So now if you own a store or hire people to work sensitive data you REALLY have a need to train them or it could cost you plenty in fines and even jail time. Why not have them take our quick certification for identity theft prevention best practices and the law?

Our new on line ID theft awareness certification class, offered through the Iowa State University College of Engineering on line learning system, covers the many risks. If you have employees who handle sensitive customer data it might be a good idea to have them take this inexpensive and engaging Internet seminar. At the end of the course upon successfully completing the user-friendly quiz they are issued a certificate of completion. You may find out more about the seminar here

http://www.eol.iastate.edu/Professional-Development/Courses/idtheft.html

WARNING! ONLY this address will take you to the legitimate Engineering web site! We have published the full URL instead of hot linking a word so you can see the address.

Steffen Schmidt, PhD. Professor of Public Policy and Information Security



Labels: ,

0 Comments:

Post a Comment

<< Home

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft - www.ftc.gov/idtheft