Latest Industry News

The Massachusetts Data Protection Law - Debunking MA 201 CMR 17 compliance myths.

May 29, 2010 - SearchSecurityChannel.com - If your customer tells you that his or her company has achieved MA 201 CMR 17 compliance, don't be so sure. Compliance with the Massachusetts data protection law requires more than just IT controls and more than just one person's word. You need to examine departments like human resources, data retention, physical security and internal audit as well. WATCH VIDEO

Gear up to protect personal info

December 6, 2009 - Boston Herald, By Jennifer Heldt-Powell - Starting in March, Massachusetts will have what is arguably the nation’s strictest regulations protecting personal information such as Social Security numbers. That’s great news for those of us who don’t want to have our identity stolen, but it’s a burden for small business owners who will have to protect the information of their employees and consumers. READ MORE

Data Breach May Have Exposed 100 Million Credit Cards

January 21, 2009 - FoxNews.com - A New Jersey credit-card processor disclosed a data breach that analysts said may rank among the biggest ever reported. Heartland Payment Systems Inc. said Tuesday that cyber criminals compromised its computer network, gaining access to customer information associated with the 100 million card transactions it handles each month. READ MORE

Businesses Look to Restart Data Security Rule Process

January 15, 2009 - A coalition featuring some of the biggest businesses in the nation called on the Patrick administration Thursday to again delay implementation of regulations to protect against identity theft, saying the pending rules are unworkable and will hurt job creation. READ MORE

Businesses Brace For Costs Under ID Theft Regs

By Livia Gershon, Worcester Business Journal Staff Writer
December 22, 2008 - After discount retailer TJX Cos. reported an enormous data breach in early 2007, the Massachusetts legislature leapt into action, passing a new law designed to thwart ID theft. READ MORE

Data Breach Reports Up 69 Percent in 2008

www.washingtonpost.com
Businesses, governments and universities reported a record number of data breaches in the first half of this year, a 69 percent increase over the same period in 2007 driven by a spike in data thefts attributed to employees and contractors, according to an analysis by identity theft experts. The San Diego-based Identity Theft Resource Center tracked 342 data breach reports from Jan. 1 to June 27. Nearly 37 percent of reports came from businesses - an increase from almost 29 percent last year. READ MORE

Lessons Learned: The State Street Corp. Breach

By Marcia Savage, Features Editor, Information Security Magazine
A data breach at State Street Corp. disclosed by the financial services firm in May provides lessons in contractor security and data handling, security experts said. Boston-based State Street said a contractor hired to conduct data analysis lost a disk drive containing the personal information of 5,500 employees and 40,000 customers. The firm disclosed the breach four months after it learned of the incident and notified employees and customers of the former Investors Bank & Trust Company (IBT), which it acquired last year. READ MORE

Most IT Staff Would Steal Company Secrets: Survey; One Third of IT Staff Keep Passwords on Post-it Notes

By Computerworld UK Reporter
Most IT staff would steal sensitive company information, including CEO's passwords and customer details, if they were laid off, according to a new survey from Cyber-Ark.
A staggering 88 percent of IT administrators admitted they would take corporate secrets, if they were suddenly made redundant. The target information included CEO passwords, customer database, research and development plans, financial reports, M&A plans and the company's list of privileged passwords. READ MORE

New Massachusetts Security Legislation

From Massachusetts Consumer Affairs and Regulation
New law requires Massachusetts companies to implement “a comprehensive, written information security program.” READ MORE

Web Monitoring: How to Track Employee Data Access (without going overboard)

By Lauren Gibbons Paul, CSO Online
Monitoring access to corporate data can be an effective way to keep the crown jewels from walking out the door, but it requires a careful balancing act. READ MORE