Ads by TechWords

See your link here
Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Recent breaches raise specter of liability risks

Landmark lawsuits are on the horizon, predict analysts

May 31, 2002 12:00 PM ET

Computerworld - Organizations that fail to show due diligence in protecting their data assets face a real risk of legal problems in the not-too-distant future, analysts said.
The renewed caution comes in the wake of reports this week that hackers broke into a California state personnel database and gained access to financial and confidential information on all 265,000 state government employees, including that of Gov. Gray Davis.
Incidents like this one and the recent theft of more than 13,000 confidential records from Costa Mesa, Calif.-based Experian, a major credit reporting agency (see story), are shining the spotlight more brightly than ever on liability issues for companies doing business over the Internet, warned Michael Rasmussen, an analyst at Giga Information Group Inc. in Cambridge, Mass.
"The whole issue has gotten to a scale where companies face a real risk of legal liability," he said. "There are going to be landmark cases where people are going to be suing other people. That is what is finally going to get the attention of companies."
In the California incident, a hacker broke into a database housed at the state's Stephen P. Teale Data Center in Rancho Cordova and accessed names, Social Security numbers and payroll information of state employees ranging from office workers to judges.
The break-in occurred April 5 and was discovered by the state controller's office May 7. But it wasn't disclosed to the public until May 24. The handling of the incident has provoked criticism from the California Union of Safety Employees (CAUSE), which criticized state controller Kathleen Connell for the delay in informing victims that their personal information had been compromised.
"It is an outrage that the controller herself has been negligent in recognizing the peril posed by this high-tech invasion of privacy," CAUSE President Alan Barcelona said in a statement.
Legal ramifications
Connell's office refuted the criticism and said it had acted swiftly in asking the Sacramento Valley Hi-Tech Crime Task Force to conduct a criminal investigation.
"It is the Teale Data Center and not the state controller's office that is solely responsible for the security breach, and that agency has accepted full responsibility," Connell's office said in a statement.
Incidents such as these show why companies need to ensure they are following best practices around security, said Rick Fleming, a vice president at Digital Defense Inc., a San Antonio-based security consultancy. "It won't take too many more cases of folks enduring identity theft or financial hardship for somebody to start suing," he warned.



Additional Resources

Xerox
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Save time and mitigate security risk. Deploy it now.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

How Controlling Access to Privileged Accounts Can Keep Insider Threat from Hurting Your Bottom Line
This white paper explores insider attacks and insider risk, and shows how to control them by controlling and monitoring access. The paper describes...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Military Uses Bit9 Parity to Defend Against New Generation Attacks
When a military organization faced an exercise, in which there was an attempt to breach and infect the network, they decided to use...  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

Eliminate Spam, Gain Productivity
In this exclusive whitepaper, learn all about the dangers of spam and the cost to your business....  

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

Accelerate SSL Encrypted Applications
The amount of SSL traffic is growing in the enterprise. Because it is encrypted, it cannot be properly controlled and accelerated. Blue Coat...  

Why Compliance Pays
This OnDemand webcast explores the relationship that firms with best compliance records have higher revenue, greater customer retention, lower financial losses from data...

ESG Lab Field Audit
Many companies have successfully implemented Riverbed WAN optimization solutions within their Cisco networks. This ESG Lab Field Audit document explores the success that...  

Agile Enterprise Content Management (ECM) for Rapid ROI
Find out how combining ECM and BPM will help adress issues about content rich business processes....

 

Symantec Report on the Underground Economy
The Symantec Report on the Underground Economy examines activity on underground economy servers observed by Symantec between July 1st, 2007 and June 30th, 2008. It includes analysis and discussion of the goods and services advertised, advertisers participating in the economy, the servers and channels that host the trading, and a snapshot of piracy activity observed.
Download this white paper 
Data Loss Risks During Downsizing
With the dramatic increase in lost jobs, companies should be aware of the possibility that these employees may be walking off with their sensitive and confidential data. An independent study done by the Ponemon Institute surveyed employees leaving their jobs and taking company data with them. This type of data loss problem may be putting companies at risk for a potential data breach. This study will help you to understand what employees are doing with the data on the laptops their employers provided them.
Download this white paper 
3 Steps to Protect Confidential Data on Laptops
Learn how to avoid being part of the one-third of security breaches that occur due to laptop theft. This report outlines specific steps to help you secure confidential data and minimize the impact of data loss resulting from stolen or missing laptops.
Download this white paper 
Managing Spend on Information Security and Audit for Better Results
The benchmarks conducted by the IT Policy Compliance Group show almost all organizations have financial incentives exceeding 100 percent to make improvements to reduce financial risk from data loss, downtime and regulatory audit. This report includes findings covering the principal operational outcomes being experienced by organizations, financial risks, losses and returns, and the practices making the most difference to control risks, reduce costs, and improve results.
Download this Report!