Monday Morning News Kick Off: CNN’s “Shock Wave,” Data Breaches Caused by Carelessness and More

Welcome to the Monday Morning News Kick Off post from the ITAC blog. The big cyber security news coming out on this Monday was the CNN 2-hour special called “Shock Wave: You Were Warned,” which showcased a national security cyber “war game” scenario intended show just how vulnerable we are as a nation. We have a clip from that special for you. And, we showcase a story about how data breaches are often caused by carelessness, and much more! Happy Monday.

Data Security Breaches Often Triggered by Carelessness
Often the biggest threat to your practice and patient data is not an outside hacker or a snooping employee — it’s somebody’s forgetfulness. As technology becomes smaller and more portable, it becomes easier to lose. Surveys from a data protection solutions company in 2009 found that in a six-month period, 12,500 mobile devices were left in taxis, and 4,500 USB memory sticks were left in pockets of pants sent to dry cleaners. Most people — including those in the security business — are not protecting the data on their mobile devices. So if the device is lost, the data could be accessed. Check out the full American Medical News article here.

Data-Centric Security: Mix Technology, Process
As vendors, security industry pundits, politicians, and CISOs fire volleys back and forth over the best way to protect data, attackers are taking advantage of our confusion: The consensus among the infosec community is that 2009 was worse than 2008 in terms of data loss, and that’s saying something. Remember 2008? The year 285 million records were breached–a number exceeding all of the records exposed from 2004 through 2007? Respondents to our InformationWeek Analytics Data-Centric Security Survey know something needs to give–and they hope it’s not the gates holding back the marauding hordes. Check out the full InformationWeek article here.

State to Firms: Protect Data
Companies doing business in the Bay State have just a week to comply with stringent new state laws designed to safeguard the personal information of Massachusetts residents. Beginning March 1, the state will require any entity that stores or transmits residents’ personal information to encrypt the data when it’s stored on portable devices or transmitted via the Internet. The personal information is a combination of customers’ or employees’ names and their Social Security, bank account or credit card numbers. Read the full Boston Herald article here.

CNN’s “Shock Wave: You Were Warned”
This weekend, CNN ran a special called “We Were Warned: Cyber Shockwave,” which was based upon exclusive television access to a national security cyber “war game” scenario. The simulated event was developed by The Bipartisan Policy Center. Check out the first 15 minutes of this segment here:

Happy Monday!