Here's an example of how another organization does it. ---------- Forwarded message ---------- From: ACM Bulletin <[email protected]> Date: Thu, May 5, 2011 at 1:24 PM Subject: [ACM-BULLETIN] Today's Topic: ACM Public Policy Council Chair Testifies on Prevention of Data Theft To: [email protected]
Today's Topic: *ACM Public Policy Council Chair Testifies on Prevention of Data Theft* Thursday, May 5, 2011 ------------------------------ Eugene Spafford, chair of the U.S. public policy council of ACM (USACM<http://usacm.acm.org/>), testified before a Congressional committee that the growing instances of disclosure and loss of personal information from computer databases points to inadequate privacy protection. Speaking to a U.S. House of Representatives Energy and Commerce subcommittee, Spafford described the technical aspects of consumer data disclosures that occur - from accidental to criminal behavior - and presented a range of recommendations to prevent breaches and protect citizens from this rising threat. The May 4 hearing by a House subcommittee concerned the threat of data theft to American consumers. In his testimony, Spafford cited several recent high profile cases of reported security breaches including Sony and Epsilon. He noted that the mounting incidences of compromising personally identifiable information - in both the government and private sectors - often result from database system operators who continue to run outmoded, flawed software, fail to follow standard practices, and maintain insufficient training or support. In addition to his recommendations for additional investments in cyber forensic technologies and support for fundamental and applied research in privacy and security technologies as well as a stronger cybersecurity workforce through education, Spafford urged organizations to follow the 24 privacy recommendations endorsed by USACM for use by database operators, which were attached to his written testimony. A professor at Purdue University, Spafford is Executive Director of the Center for Education and Research in Information Assurance and Security (CERIAS). Transcript of full testimony.<http://usacm.acm.org/PDF/DataTheftTestimony050411.pdf> USACM Privacy Recommendations.<http://usacm.acm.org/usacm/Issues/Privacy.htm> <http://www.acm.org/public-policy> [image: Find us on Facebook]<http://www.facebook.com/pages/ACM-Association-for-Computing-Machinery/17927643151?ref=ts> [image: ACM at LinkedIn]<http://www.linkedin.com/groupInvitation?groupID=36836&sharedKey=0892EF71552B> [image: TheOfficialACM Twitter] <http://twitter.com/TheOfficialACM> ------------------------------ *To unsubscribe:* Enter your email address<http://optout.acm.org/listserv_index.cfm?ln=acm-bulletin> [email protected] ------------------------------ *Association for Computing Machinery* Advancing Computing as a Science & Profession © 2011 ACM, Inc. All rights reserved
_______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
