Computer contractor gets five years for $2M credit union theft
Zeldon Morris, a Provo, Utah computer contractor, was sentenced on Wednesday to more than five years in prison after pleading guilty to stealing close to $2 million from four credit unions that he performed IT services for. via Computer contractor gets five years for $2M credit union theft.
Health worker is first HIPAA privacy violator to get jail time
A former UCLA Health System employee, apparently disgruntled over an impending firing, has been sentenced to four months in federal prison after pleading guilty in January to illegally snooping into patient records, mainly those belonging to celebrities via Health worker is first HIPAA privacy violator to get jail time – SC Magazine US.
Gonzalez Gets 20 Years in Hacker Case
Hacker Albert Gonzalez is sentenced to 20 years in prison for his role in hacking TJX, Barnes & Noble, OfficeMax and other retailers. He faces the possibility of more time behind bars when he is sentenced for his role in hacking a slew of other companies, including Heartland Payment Systems. via Gonzalez Gets 20 Years [...]
CXOtoday.com > IT-GRC Solution on Cloud
There is built in framework support for RBI Compliance, NSE, BSE, MCDEX, PCI, ISO, COBiT, SOX, BASEL II, HIPAA, FISMA, and other country specific frameworks which are ready to use. SecureGRC has a not-so-far-seen value-add in terms of integrating, synergizing and transforming information from various sources into alert raising actionable solutions, helping in identifying the [...]
When It Comes To #PCI Compliance, Franchisors Are Screwed
When it comes to franchise-based retailers, PCI Compliance is broken, plain and simple. It simply does not address the complexities of the franchisee/franchisor business model and, in the end, leaves the franchisor holding the bag. Because each franchisee is a separate merchant, most large franchise organizations are only required to meet PCI Level 4 requirements. [...]
ISO 31000 Risk management
By now, many of you have read the newly released ISO 31000 Risk management — Principles and guidelines standard. (Others may have seen its release draft or be familiar with its predecessor the AS/NZS 4360 standard.) It provides a well-written, step-by-step guide to risk management processes that can be applied to whole organizations, or any [...]
Unknown hackers steal details on U.S. Joint Strike Fighter project: Scientific American Blog
An unknown cyber criminal (or group of them) has broken into computer systems housing information about the U.S. Defense Department’s $300 billion Joint Strike Fighter project, the Wall Street Journal reports today, citing a number of “current and former government officials familiar with the attacks.” It’s unclear how much damage the attacks have caused to [...]
Visa leads effort at PCI conference to minimise payment information vulnerability
Visa opens PCI Dubai Conference Dubai, UAE 14 April 2009: Visa International, the leading payment solutions provider, has participated in PCI Dubai, the leading payment industry conference and addressed stakeholders from across the GCC payment industry on various issues surrounding data security and payment card fraud. Participants also shared best practices, emerging technologies, and discussed [...]
Fighting Fraud with the Red Flags Rule
Are you complying with the Red Flags Rule? The Red Flags Rule requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect the warning signs – or “red flags” – of identity theft in their day-to-day operations. Are you covered by the Red Flags Rule? Read Fighting Fraud with [...]
PCI Council gives helping hand to merchants
PCI Council gives helping hand to merchants Prioritized Approach framework to help attain PCI DSS compliance Ian Williams, vnunet.com 04 Mar 2009 The Payment Card Industry Security Standards Council (PCI SSC) has released a new resource designed to help merchants struggling to attain compliance with the PCI Data Security Standard. The global payment industry body [...]
