Re: Federal Grants Revoked due to Data Breaches?

[Thomas Siu <thomas.siu () CASE EDU>]

Hello Daniel,
I've heard of Grants being revoked because the researcher assented to their institution's compliance with FISMA, which 
was not something the PI could, without the collaboration of the university IT organization, reliably state.
In the case of Data Breaches, I've heard nothing to this effect.  It is more common now for Federal research dollars to 
be awarded in contracts, which have specific consequences, and those that are current do not specify such a consequence.
Regards,
Tom
On Jul 28, 2011, at 12:00 AM, SECURITY automatic digest system wrote:

> There is 1 message totalling 196 lines in this issue.
>
> Topics of the day:
>
>  1. Federal Grants Revoked due to Data Breaches?
>
> ----------------------------------------------------------------------
>
> Date:    Wed, 27 Jul 2011 10:37:17 -0400
> From:    "Sarazen, Daniel" <dsarazen () UMASSP EDU>
> Subject: Federal Grants Revoked due to Data Breaches?
>
> --_004_BF662A4EE06D844081EA3B2DB8CCF22B12560AEBFDSSUMPEXCLUS01_
> Content-Type: multipart/alternative;
>       boundary="_000_BF662A4EE06D844081EA3B2DB8CCF22B12560AEBFDSSUMPEXCLUS01_"
>
> --_000_BF662A4EE06D844081EA3B2DB8CCF22B12560AEBFDSSUMPEXCLUS01_
> Content-Type: text/plain; charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
>
> Hi All,
>
> Quick question:
>
> Does anybody have any example(s) of research funding actually being revoked=
> due to data breaches or security concerns?
>
> Thanks,
> [cid:image001.gif@01CC4C49.2808F120]
>
> :: Daniel Sarazen, CISSP, CISA
> :: Senior Information Technology Auditor
> :: University Internal Audit
> :: University of Massachusetts President's Office
>
> :: 774-455-7558
> :: 781-724-3377 Cell
> :: 774-455-7550 Fax
> :: Dsarazen () umassp edu<mailto:Dsarazen () umassp edu>
>
> University of Massachusetts : 333 South St. : Suite 450 : Shrewsbury, MA 01=
> 545 : www.massachusetts.edu<http://www.massachusetts.edu/>
>
>
>
>
>
> --_000_BF662A4EE06D844081EA3B2DB8CCF22B12560AEBFDSSUMPEXCLUS01_
> Content-Type: text/html; charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
>
> <html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
> osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
> xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml"; xmlns=3D"http:=
> //www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV=3D"Content-Type" CONTENT=
> =3D"text/html; charset=3Dus-ascii"><meta name=3DGenerator content=3D"Micros=
> oft Word 14 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#def=
> ault#VML);}
> o\:* {behavior:url(#default#VML);}
> w\:* {behavior:url(#default#VML);}
> .shape {behavior:url(#default#VML);}
> </style><![endif]--><style><!--
> /* Font Definitions */
> @font-face
>       {font-family:Calibri;
>       panose-1:2 15 5 2 2 2 4 3 2 4;}
> @font-face
>       {font-family:Tahoma;
>       panose-1:2 11 6 4 3 5 4 4 2 4;}
> @font-face
>       {font-family:Verdana;
>       panose-1:2 11 6 4 3 5 4 4 2 4;}
> /* Style Definitions */
> p.MsoNormal, li.MsoNormal, div.MsoNormal
>       {margin:0in;
>       margin-bottom:.0001pt;
>       font-size:11.0pt;
>       font-family:"Calibri","sans-serif";}
> a:link, span.MsoHyperlink
>       {mso-style-priority:99;
>       color:blue;
>       text-decoration:underline;}
> a:visited, span.MsoHyperlinkFollowed
>       {mso-style-priority:99;
>       color:purple;
>       text-decoration:underline;}
> p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
>       {mso-style-priority:99;
>       mso-style-link:"Balloon Text Char";
>       margin:0in;
>       margin-bottom:.0001pt;
>       font-size:8.0pt;
>       font-family:"Tahoma","sans-serif";}
> span.EmailStyle17
>       {mso-style-type:personal-compose;
>       font-family:"Calibri","sans-serif";
>       color:windowtext;}
> span.BalloonTextChar
>       {mso-style-name:"Balloon Text Char";
>       mso-style-priority:99;
>       mso-style-link:"Balloon Text";
>       font-family:"Tahoma","sans-serif";}
> .MsoChpDefault
>       {mso-style-type:export-only;
>       font-family:"Calibri","sans-serif";}
> @page WordSection1
>       {size:8.5in 11.0in;
>       margin:1.0in 1.0in 1.0in 1.0in;}
> div.WordSection1
>       {page:WordSection1;}
> --></style><!--[if gte mso 9]><xml>
> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
> </xml><![endif]--><!--[if gte mso 9]><xml>
> <o:shapelayout v:ext=3D"edit">
> <o:idmap v:ext=3D"edit" data=3D"1" />
> </o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue vli=
> nk=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal>Hi All,<o:p></o:=
> p></p><p class=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=3DMsoNormal>Quick =
> question:<o:p></o:p></p><p class=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=
> =3DMsoNormal>Does anybody have any example(s) of research funding actually =
> being revoked due to data breaches or security concerns?<o:p></o:p></p><p c=
> lass=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=3DMsoNormal>Thanks,<o:p></o:=
> p></p><table class=3DMsoNormalTable border=3D0 cellpadding=3D0 width=3D640 =
> style=3D'width:480.0pt'><tr><td width=3D49 valign=3Dtop style=3D'width:36.7=
> 5pt;padding:.75pt .75pt .75pt .75pt'><div><p class=3DMsoNormal><img width=
> =3D47 height=3D37 id=3D"Picture_x0020_1" src=3D"cid:image001.gif@01CC4C49.2=
> 808F120" alt=3D"Description: http://media.umassp.edu/pix/mail/umass.gif";><s=
> pan style=3D'font-size:12.0pt'><o:p></o:p></span></p></div></td><td width=
> =3D585 valign=3Dtop style=3D'width:438.75pt;padding:.75pt .75pt .75pt .75pt=
> '><p class=3DMsoNormal><span style=3D'font-size:8.5pt;font-family:"Verdana"=
> ,"sans-serif";color:#5F5F5F'>:: <b>Daniel Sarazen</b>, CISSP, CISA<o:p></o:=
> p></span></p><p class=3DMsoNormal><span style=3D'font-size:8.5pt;font-famil=
> y:"Verdana","sans-serif";color:#5F5F5F'>:: Senior Information Technology Au=
> ditor<br>:: University&nbsp;Internal Audit<br>:: University of Massachusett=
> s President's Office</span><span style=3D'font-size:12.0pt'><o:p></o:p></sp=
> an></p></td></tr><tr><td colspan=3D2 valign=3Dtop style=3D'padding:.75pt .7=
> 5pt .75pt .75pt'><div><p class=3DMsoNormal><span style=3D'font-size:8.5pt;f=
> ont-family:"Verdana","sans-serif";color:#5F5F5F'>:: 774-455-7558</span><spa=
> n style=3D'font-size:12.0pt'><o:p></o:p></span></p></div><div><p class=3DMs=
> oNormal><span style=3D'font-size:8.5pt;font-family:"Verdana","sans-serif";c=
> olor:#5F5F5F'>:: 781-724-3377 Cell<br>::&nbsp;774-455-7550 Fax<br>:: <a hre=
> f=3D"mailto:Dsarazen () umassp edu"><span style=3D'color:blue'>Dsarazen@umassp=
> .edu</span></a></span><o:p></o:p></p></div><div><p class=3DMsoNormal><span =
> style=3D'font-size:8.5pt;font-family:"Verdana","sans-serif";color:#5F5F5F'>=
> <br>University of Massachusetts : 333 South St. : Suite 450 : Shrewsbury, M=
> A 01545 : <a href=3D"http://www.massachusetts.edu/"; title=3D"http://www.mas=
> sachusetts.edu/"><span style=3D'color:#660000'>www.massachusetts.edu</span>=
> </a></span><span style=3D'font-size:12.0pt'><o:p></o:p></span></p></div></t=
> d></tr></table><p class=3DMsoNormal><o:p>&nbsp;</o:p></p><p class=3DMsoNorm=
> al><o:p>&nbsp;</o:p></p><p class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></b=
> ody></html>=
>
> --_000_BF662A4EE06D844081EA3B2DB8CCF22B12560AEBFDSSUMPEXCLUS01_--
>
> --_004_BF662A4EE06D844081EA3B2DB8CCF22B12560AEBFDSSUMPEXCLUS01_
> Content-Type: image/gif; name="image001.gif"
> Content-Description: image001.gif
> Content-Disposition: inline; filename="image001.gif"; size=1888;
>       creation-date="Wed, 27 Jul 2011 10:37:18 GMT";
>       modification-date="Wed, 27 Jul 2011 10:37:18 GMT"
> Content-ID: <image001.gif@01CC4C49.2808F120>
> Content-Transfer-Encoding: base64
>
> R0lGODlhLwAlAPcAAAAAAP///+fn95SlxpytxpytzqWlxqWtxv7+/s6cnNaUnM6UnM6cpc6MlOfn
> 56291gAAWgAhcwAYawAYcwAYYylChJxCSmsAAHMAAGMAAM6trb291gApewApcwAxe0pjlKVja3sA
> EHsACNattbXG1gAQY2t7pb2UlHMAEHMACNatrbW91gAhawAQawAIWoyUtYQACNa1tQAIY1JznISU
> xqW1zoycvTFSjOfOznuMtaWtzlprnDlalGNzpe/v96VKSs61tXuMvc7W3iE5hIwhKXsAGHsAAO/+
> /u/39xg5eylKlKVSWpQ5QrVaa6Vrc7VzhJRCSr3G3ggpa5Scvefv94w5Off+92tzpa2tzrVrc7XG
> 3gAAUnOErefWzvfv75ylzlJjnNa1vdalrdbe70JajIQYIbV7e2uErTlSlJw5Qpw5Soylxq1ja4QQ
> GCk5hJylxmt7rQgxe8acnPfv97VrazFChIScvc6lpd7W3v739969xta9xpxCUt7n7+fW1ufe3vf3
> 95wxOZQxOTFSlO/W3owpKaVjY4wpMbVzc4wIGL2MlPfn5/f+/sbO3t7GvefO1s6ttYwxMbXO76W9
> zr2ElPfe5xg5hO/e3rVze72MjP7+99bn9xA5hN7OznsQEN7e53OMvWN7rXOMtXucvXOEte/n77V7
> jL17jMaEjL2EjLW9zhgxe1p7pRAxc0JSlCE5ewAQWq21zlqErQghc63G3kJalGuEtZStxhhChISM
> tdbe52NrpQgpexAxeylSjEJjlAAhYyFChGuMtQgpc+fn74SUvZStzt7W50JjnO/v73OMrYyUvef3
> 9wAAY9bn70prpd7n9wAxc0pzpVJrnCFKhHuUvaW1xufn1t7e3pSlvVp7rZScxoScxsbG3oSUtcbW
> 5+/n91pzpbW93s7W52OErYycxufv7wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAALwAlAAAI/wAFDCBQ
> wEABggcOFhiAoKHDhwkUJFjAQCJFiQ0cIAjAsaPHBxAiSJhAQSRJkRIqPHxo4QIGDC5fxsSQQcNG
> jzg3SIjAoYMHnj6BTviwEgEIDCFEJA3BVITSEBhG3MTZkUQJDz6zYt3aQYKJhycuoGi6NAWKFE4x
> qJhKNcAKCUF7cuAZQSSLFi5eNNRwQQSMpSJQOP3LFEMMtlStcsUaQYaHGTRqPLBx4wGOC0kFA94s
> Qi1inG+BcpAgIUdDHTt49PDR8EffpX+dBobhFAUGIJ89kqCAlUOJIAiEDClBoQOLCCUcEkFbJHAK
> qBiMoE3quW3Htx06RDiCJEkJ7XM5sP9Q4nCJEadJOzNp4uQJlLS4rXOM8l0KgiktWCyO0IKKQyMo
> 0KYUBlU4ZAVmna0ln1slRIDAFS0A9dNcJWDhUBZIPYeWCA9JN6BUC2qxBQIEtKBVVhJw4VAXrykl
> wgVeOMQEBs91BqJ8X5i2U08TdgXGQxgE5mIGYTgkRosp3JZbR2MgUMBVJ7JAxkNlAOjiBWY81Bd6
> tt1oXUNnRBCXcWg8lAZSIQiGgRoPzbgUdfHJ19AaUGLFwg0PsYGgYCK08VAYCDbXXHVyNkRadiy4
> 8ZAZYrmY5EpBNiWYbXFaV8MbDcERRwRJPCTHnjCkcMEcD9GBZmwhGEGodStAUIcdb/D/4KBDdyDI
> lKh4PJRHBi4CZuOSHGlRwmgRUPCQHrYqdcEeK/GBlBGZPbVqWzp1wIEMfTjkxwUbKpXBYQ/9gZSQ
> b3ZWaVvCelCCDg4B0tdzf11Q5EqBbJiCIOMmdYGX1ErAwiBApvBcCKLO+xAhCL6IwLuFnUuVsBLk
> 4VAhkYog6h9FIWAItBaXgcAh6L2ooHwryPBjQ4hs+WIiGTeEAZ8YKILAdHACG4AWEDzQ0CLcpnoB
> Iow0krEjPVuMwCOY1YgBJDZvIMMKKLt0QSR5SALBJBlTghRMlSAA4FJd2vzAFpY0dAkmmWiyCScQ
> lFBDxp1ccIEnXswB00t4XzCydZ+A/3KGFg8VEIooo5DSZMulIOAFHaacgoopqUT+BMYLtmx5y0hc
> brMqLhiLAAQQIEABBasgMMcWLrDSUCsluNKQVaCXjcArLmwhQRQNhfhdQ7BIgIAHLPhOwE5ffZKf
> 7wiQFossFOTARQs7PMBCB7nLt0ELszTUQnKzdNACLbV0FQoCtpQwgwy3INAVLrnoggApMnCwC9TV
> W6cFLB40VILvvPTiywcR+IVXEACM/LUgGAgABA9cgBfTCOMuJRhG/drSiBb4jhgSaIH6OFAMCxpD
> Bmc4RoSQQZpkKGMZJJJAKx6QC2aorxnOsNnsJECBFsjgGQhoDDQgEI1GNIML0nABD0WmQQ0X0KAC
> zWABByBQDWu0jRNXuQY2KoeAbGjjCgVoyDa4gYA1dIMK3vjGNuzQEHDAyknhuII4GjIOcvSgHAgw
> xxTlExAAOw==
>
> --_004_BF662A4EE06D844081EA3B2DB8CCF22B12560AEBFDSSUMPEXCLUS01_--
>
> ------------------------------
>
> End of SECURITY Digest - 26 Jul 2011 to 27 Jul 2011 (#2011-146)
> ***************************************************************

--
   Tom Siu                             
   Chief Information Security Officer
   Case Western Reserve University
   thomas.siu () case edu
   www.case.edu/its/infosec
   my pgp key can be found at
   keyserver.pgp.com
   216-368-6959
--.--.--.--.--.--.--.--.--.--.--.--.--.--.--.--.

Attachment: smime.p7s
Description: