The penalties paid out by HSBC and Standard Chartered Bank for violations to money-laundering regulations should serve as a wake-up call, says Kevin Sullivan. In fact, banking institutions should brace for more fines.
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
As the recent PATCO case shows, fraud litigation is moving away from just establishing damages. The key legal question now is: What is reasonable security? Attorneys discuss the 2013 fraud legal landscape.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Given the magnitude of sensitive information on Social Security Administration computers, the inspector general says, any loss of confidentiality, integrity or availability of systems or data could have a significant impact on the nation's economy.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.