BreachExchange mailing list archives
Re: CTS: Thief Steals Tax Records
From: James Childers <james () iqbio net>
Date: Sun, 4 Feb 2007 14:14:04 -0800
Point taken... of course we are just talking about the "norms". There are exceptions to every rule. James Childers -----Original Message----- From: dataloss-bounces () attrition org [mailto:dataloss-bounces () attrition org] On Behalf Of lyger Sent: Sunday, February 04, 2007 2:09 PM To: dataloss () attrition org Subject: Re: [Dataloss] CTS: Thief Steals Tax Records Since I almost never get to jump into these discussions, please allow me to retort. I find a couple of the comments below to be somewhat stereotypical. "IT guys" are generally considered to be "geeks" and nothing more, even if they have years of experience in fields that have to deal with regulatory compliance issues on a daily basis. Some "IT guys" are absolutely capable of making business decisions, especially when the decision in question concerns protecting their company from bad choices made by the "business leaders" who fail to understand the basics of risk assessment and risk management, specifically those that deal with the loss of client, customer, or employee information. While it may be true that "a large percentage of IT guys" aren't as versed in regulatory compliance as their "business leader" counterparts, the same can be said for the "business leaders" who aren't concerned with the impact a data breach can have on their company and fail to enable their "IT guys" to provide valuable input into the decision-making process. Just my opinion. Lyger On Sun, 4 Feb 2007, James Childers wrote: ": " An absolute recipe for disaster is when you let the I.T. "guys" make ": " business decisions. ": " ": " Thanks for the info. ": " ": " James Childers ": " http://www.iqbio.com ": " http://www.clipbio.com ": " ": " -----Original Message----- ": " From: George Toft [mailto:george () myitaz com] ": " Sent: Sunday, February 04, 2007 1:45 PM ": " To: James Childers ": " Cc: blitz; dataloss () attrition org ": " Subject: Re: [Dataloss] CTS: Thief Steals Tax Records ": " ": " The FTC clearly calls out tax preparers as being required to comply with ": " ": " GLBA (http://www.ftc.gov/bcp/conline/pubs/buspubs/glbshort.htm 3rd ": " paragraph). However, in September, 2006, CPA's were able to become ": " exempt from the privacy rule of GLBA ": " (http://www.icpas.org/icpas/ei/gbarticle.asp). They are still required ": " to comply with the Security Rule, which nobody seems to know about. ": " ": " CPA's by nature are very tight-fisted with their money, and they see ": " this as yet another expense that has no benefit. "If it's not broke, ": " why should I fix it?" ": " ": " This list's members are very proactive and forward-thinking. Securing ": " information is obvious to us, but eludes others, so they delegate the ": " task to "the IT guy" and it's his problem because "he understands that ": " stuff." Problem is, a large percentage of IT Guys I've spoken with are ": " clueless about regulatory compliance and the finer art of information ": " security. ": " ": " George Toft, CISSP, MSIS ": " My IT Department ": " www.myITaz.com _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 146 million compromised records in 562 incidents over 7 years. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 146 million compromised records in 562 incidents over 7 years.
Current thread:
- CTS: Thief Steals Tax Records Dissent (Feb 03)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 03)
- Re: CTS: Thief Steals Tax Records blitz (Feb 04)
- VA Breach - Stupidity Redux James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 04)
- Re: CTS: Thief Steals Tax Records James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 04)
- Re: CTS: Thief Steals Tax Records James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records lyger (Feb 04)
- Re: CTS: Thief Steals Tax Records James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records blitz (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 03)
- Re: CTS: Thief Steals Tax Records Adam Shostack (Feb 04)
- Re: CTS: Thief Steals Tax Records B.K. DeLong (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 04)
- <Possible follow-ups>
- Re: CTS: Thief Steals Tax Records Max Hozven (Feb 03)