Compliance and Privacy News
The US Government has woken up to the issue of Identity Theft and launched a new programme to boost awareness. Should the UK or EU be doing something similar? Find out below what the US is proposing.
Far more concerning is Shell's abandonment of Chip and PIN less than four months after it was brought in. Read on and find out why there is "no safety in numbers".
But perhaps the most sobering item in this week's issue is that 60% of the visitors to the Compliance and Privacy website have no information security policy.
As always, we welcome your feedback - do take part in the discussion forums. The more we get from you, the more we can tailor the content we're providing!
"AvoID Theft: Deter, Detect, Defend"
You can take steps to minimize your risk of becoming a victim of identity theft. That is the message of a nationwide education program launched today by the Federal Trade Commission: "AvoID Theft: Deter, Detect, Defend."
The program coincides with issuance of an executive order signed by President Bush, creating an Identity Theft Task Force, chaired by Attorney General Alberto R. Gonzales and co-chaired by FTC Chairman Deborah Platt Majoras. The Task Force will develop a strategic plan to enhance the effectiveness and efficiency of government efforts to deter, prevent, detect, investigate, and prosecute identity theft.
You are invited to attend an orientation to Burton Group's Identity and Privacy Strategies service.
This 60-minute interactive LiveMeeting session will:
Attendance at this online web event is limited. Register early.
Shell had to slam the door fast on Chip and PIN at 600 UK filling stations after skimmers were found and £1,000,000 had been stolen from customer accounts. But there is a wider issue here.
It can't just be Shell and its UK filling stations that make us doubt Chip and PIN, but Shell slamming its Chip and PIN equipment shut last week certainly pours a whole lot of cold water on the technology, brought in with such a fanfare in February 2006.
Before the Chip and PIN Day we had our doubts, but oddly they were not about the technology presenting attack vulnerabilities. Instead we were worried about the things ordinary people worry about:
Part of what we do at Compliance and Privacy is to find new areas to interest you. One such area is Richard Stiennon's blog.
Richard is founder and chief research analyst at IT-Harvest Inc. He is responsible for setting strategic direction as well as editorial coverage at this independent Information Technology research firm. Richard leads IT-Harvest in its efforts to compile the first comprehensive knowledgebase of the entire IT security market. Prior to joining IT-Harvest, he was VP of threat research for Webroot Software, Inc., the leading commercial anti-spyware solution.
Why Richard's blog? Simply because he specialises in Threats and the chaos they bring. He's a specialist in his field, and his thoughts are often controversial.
When Asked, What Percentage of Staff Know if They Have an Infosec Policy?
Information Security is basic stuff. It's part of everything we do, or should be. So why were we not surprised when we asked people, knowledgeable people, who visit this site "Do you have an Information Security Policy?" and we were given the answers?
We have a question for you. "If I can't trust you with my data, can I trust you with my money?"
Geopolitical hot spots can be identified through a multitude of factors, including the demographics of a given country or location. It is common to hear various organizations identify areas most commonly infected with malicious code, countries most prevalent for hosting phishing attacks on servers, and so on. Are these countries truly the geopolitical hot-spots of the Internet for attacks?
This WebCast takes a discerning look into the demographics of the Internet for top countries and correlates data to recent reports of geopolitical hot-spots.
Your active participation is requested. This WebCast will dispel some myths and reinforce areas of true danger.
The WebCast is at 2pm US Eastern Time. That is 7pm UK time and 8pm European time, on 7 June 2006. To participate you will need a fully audio equipped PC. Estimated running time is 30 minutes.
Readers should note that references to VeriSign's sponsorship are historical. That sponsorship ended on 28 February 2007, and is simply included here for context and historical purposes. VeriSign is not formally associated with this site in any manner, and has asked us to emphasise this point.