U.S. Gov't Boosts Data Breach Monitoring

["Fergie" <fergdawg () netzero net>]

Via UPI.

[snip]

The U.S. Office of Management and Budget is boosting its standards on
reporting breaches of data security.

In an effort to improve the federal response to data breaches putting
personal information such as Social Security numbers at risk, the OMB
is eliminating the distinction between suspected and confirmed breaches
for reporting purposes, GovExec.com reported Friday.

In a July 12 memorandum, Karen Evans, administrator of OMB's Electronic
Government and Information Technology division, said that agency chief
information officers should not hold back reporting suspected breaches,
both electronic and physical, to the Homeland Security Department's
computer emergency readiness team, known as US-CERT.

The memo said that all security incidents involving such information
must be reported within an hour. US-CERT reporting guidelines for
federal agencies already require reporting within one hour for any
incidents involving unauthorized electronic or physical access to
federal systems or data, GovExec.com said.

[snip]

More here:
http://www.upi.com/SecurityTerrorism/view.php?StoryID=20060717-083627-7071r

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.