Compliance
Federal CIO Kundra Plans Cybersecurity Dashboard
The White House will introduce new tools and metrics for measuring and managing the federal government's cybersecurity efforts, federal CIO Vivek Kundra said in testimony to Congress.
CIOs unwilling to scrimp on security in tough times
Nearly two-thirds of CIOs worldwide say they intend to maintain and even increase their spending on information security despite the economic downturn.
Brussels criticises UK on privacy
The UK government has been accused of failing to protect citizens' privacy by the European Commission.
University Memo: Protection of Personal Information
Dear Colleagues,
Each year we issue a reminder regarding the need to protect personal
confidential information to which we have been granted access in order
to fulfill the requirements of our job functions. The protection of
this information, also known as "Non-Public Personal Information"
(NPPI), is mandated by federal and state law, as well as Rutgers policy
(e.g., Rutgers Policy 50.3.9, http://policies.rutgers.edu).
All units and staff members that create, store, or transmit such
information are required to do so in a manner which protects NPPI.
Federal Taskforce To Focus On Cybersecurity Metrics
Cross-agency taskforce will emphasize cybersecurity outcomes over compliance, says federal CIO.
Article link
PCI More Of A 'Check-Box' Than Security For Most Retailers
New survey shows less than one-third of small businesses are PCI-compliant, while 70 of large businesses are.
National Retail Federation Poll: Small Retailers Struggling To Understand PCI
Nearly 86 percent are familiar with PCI, but nearly half can't demonstrate their compliance with the payment card standard.
Article link
FTC Issues Final Order In CVS Caremark Data Security Case
Pharmacy giant to pay penalties for mishandling customer data, violating HIPAA regulations.
Article link
Department Responsibility for Non-Public Personal Information
Departments maintaining non-public personal information (NPPI) are responsible for that information and any disclosure of it. Departments holding unnecessary NPPI should remove and properly dispose of it. Departments should actively scan for identification of NPPI on servers, desktops and laptops to assure that no NPPI remains unidentified, inviting a breach or compromise.
The Importance of IT Security
Due to advances in technology, communicaton and the university's decentralizd nature, it is increasingly difficult to ensure that this information is provided in such a way that its integrity is ensured.
