- MEMBERS RECEIVE ACCESS TO:
- CIO Leadership Group
  CIO Leadership Task Force provides a unique forum for Chief Information Officers from the largest cities and counties in the U.S. to privately interact, both through an online collaboration site and in regular face-to-face meetings. It offers these leaders an on-going opportunity to share information and experiences, and to discussing IT challenges facing larger community jurisdictions.
- Digital Infrastructure
  Task Force
  The Digital Infrastructure Task Force is a collaborative networking group for government IT professionals. Through timely exchange of information and experiences, both online and through regular face to face meetings, municipal and regional government members help each other to make smarter technology decisions for their communities.
- Law Enforcement
  IT Task Force
  The Law Enforcement Task Force is a collaborative networking group for local law enforcement officials from across the nation. In online and regular face to face meetings, both sworn and civilian law enforcement officials come here to discuss technology trends, collaboration and information sharing opportunities within the local law enforcement community.
- Private Events
  and Webinars
- Exclusive White Papers
- JOIN:
- Public Sector
- Private Sector
Digital Communities Home
Introduction
Feature Articles
Local Government Events
Contact
Digital Communities Blogs
Digital Citizen Pulse
Broadband Nation
Web 2.0 Convergence
In the Trenches
International Beat
Notes from a City CIO
Intelligent Communities
MuniGov 2.0
Surveys and Awards
Digital Cities Survey
Digital Counties Survey
DGAA Awards
Best of the Web Awards
Reference and
Resource Library
White Papers
Exclusives
Webinars
Best Practices
Digital Communities
Special Focus
Current Issue
Past Issues
Subscribe

Digital Communities
Industry Members

Click sponsor logos for whitepapers, case studies, and best practices.

Incomplete Data Breach Reporting Makes Tracking Hacks Tough, Organization Says

January 20, 2010 By Hilton Collins

Cyber-security's always a hot topic because people always worry about keeping data safe, but concerned parties may be missing out on the whole story when it comes to how many, or how few, data breaches happen at any given time.

The Identity Theft Resource Center (ITRC), an organization that collects information about data breaches from media sources and government notification lists, publishes data breach reports and researches IT security in public- and private-sector entities. But according to Linda Foley, who founded the center with her husband Jay Foley, it's difficult to provide a clear picture of how secure the cyber-world is because breached organizations aren't upfront enough when they've been breached and how badly.

"Breached entities, No. 1, are afraid of the consequences. They're afraid that their reputation will be damaged, of fines they might incur, of the repercussions of a trust issue," she said.

The ITRC issued a press release on Jan. 8, 2010, titled, Data Breaches: The Insanity Continues, citing the lack of a single data breach list requiring mandatory public reporting. Foley feels that this might change if the law intervened and forced organizations to step up.

"It takes law enforcement response. It takes the response of someone sitting there and saying, 'What are you going to do about it?'" she said.

The ITRC's 2009 Data Breach Report recorded more than 222 million potentially compromised records last year in 498 breaches, but in more than 52 percent of the breaches, the victimized organizations didn't disclose how many records were affected. So that 222 million? That only accounts for the breaches people wanted to talk about in public.

The insanity in this case is how difficult it is to count breaches in these circumstances. But of the data the ITRC has, breaches in the business sector number at 205 of 498 reported breaches in 2009, 41.2 percent. That's a larger concentration than in 2008, when business breaches numbered at 241 of 657 breaches, 36.7 percent. Government and military breaches constituted 90 of 498 breaches in 2009, for 18.1 percent. That's a smaller concentration than the 2008 figure, when that sector had 110 out of 657 for 16.7 percent.

Foley said many of the breaches can be reduced with better encryption and redaction, and she's hopeful that upcoming legislation can make better breach reporting required by law. S. 139, which was introduced by Sen. Dianne Feinstein, D-Calif., would required federal agencies and people involved in interstate commerce to disclose breaches of data containing personally identifiable information. The bill has passed through committee and is on the legislative calendar.

| More

Comments

Add Your Comment

Name *

Comment *

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies

Are You Sure You Are Maximizing the Value of Your Microsoft SharePoint Investment?: The Microsoft SharePoint platform provides a wealth of opportunities for any organization to streamline business processes and expand knowledge sharing; however most government organizations struggle to take advantage of these opportunities.
Hurricane Preparedness: Make sure you are prepared for hurricane season before it is here. Join in this Digital Communities teleconference and gain insight on how to prepare from experts who have been on the ground during major hurricanes.
Kofax Analytics for Capture: Does your agency struggle to add Business Intelligence to your capture operations?

Latest From Digital Communities Features

Follow @dcommunities

Government Best Practices

Digital Cities & Digital Counties Survey: Best Practice Guide

Real Time for McAfee ePolicy Orchestrator

Public Safety Guide: From Call to Car to Crisis

Public Safety Mobile Apps for 4G Networks

10 Requirements for a Successful Oracle R12 Upgrade

Kofax Analytics for Capture

Business Intelligence Roadmap

Featured White Papers & Reports

Government-to-Government IT Services: What Works and What's Left to Work Out

This Digital Communities white paper highlights discussions with IT officials in four counties that have adopted shared services models. Our aim was to learn about the obstacles these governments have faced when it comes to shared services and what it takes to overcome those roadblocks. We also spoke with several members of the IT industry who have thought long and hard about these issues. The paper offers some best practices for shared government-to-government services, but also points out challenges that government and industry still must overcome before this model gains widespread adoption.

View Full Library

Events

GTC East

Don't miss this opportunity to see the latest in digital government solutions, keep abreast of current policy issues and network with key government executives, technologists and industry specialists.

View All Events