× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



GAO & IGs also do periodic studies of frequency of problems & risks out there.

I found the Credit Card Industry Annual Audit statistics to be most enlightening with respect to what percentage of the financial and retail industry thumb their noses at the security standards. (In some markets, more thumb their nose than do lip service to the standards.) When there is a breach in the news, figuring out what kind of computer system they were using, is next to impossible. Even when there are good standards, enforcement within an enterprise can also be challenging.

Here's link to latest relevant GAO report. Most of these investigations contain references pointing at earlier ones. Highlights usually one page good overview.

Personal Information: Data Breaches Are Frequent, but Evidence of Resulting Identity Theft Is Limited; However, the Full Extent Is Unknown. GAO-07-737, June 4.
http://www.gao.gov/cgi-bin/getrpt?GAO-07-737
Highlights - http://www.gao.gov/highlights/d07737high.pdf

Al,

Thanks for your replies and for that link to Attrition.org! After seeing that list of incidents, I think I would fully support a national SB1386-like (California) initiative.

Rob,

Good point about the source code scanning.

As always, I appreciate everyone's feedback. Now, it's time to axe the computers and actually take my two PTO days!

Best regards,

Steven W. Martinson, CISSP, CISM
Sheshunoff Management Services, LP.
Senior Consultant - Technology & Risk Management
2801 Via Fortuna, Suite 600 | Austin, TX 78746
Direct: 281.758.2429 | Mobile: 512.779.2630
e.Mail: smartinson@xxxxxxxxx



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.