Smarter Decisions. Safer World. ICAE Conference Identity Theft Review Steve Keen.

Slides:

Advertisements

Similar presentations

Organizational Governance

Advertisements

Red Flag Rules: What they are? & What you need to do

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page Security Mega Trends Survey Independently conducted by Ponemon Institute.

What’s Next What We believe Who We Are Cloud Computing Big data Mobility Social Enterprise.

© 2003 IBM Corporation Privacy 12 th CACR Workshop Yim Y. Chan Chief Privacy Officer & CIO IBM Canada Ltd. w3.ibm.com/Privacy.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Securing Your Networks Personal Safety Rules Apply Here Too. Corporate Identity Theft SPAM.

1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.

The ChoicePoint Attack – Case Study. Team F Susan Crowley Nafisah Hunter Beata Kolodziej Ingrid Macias Toni Steiner Maria Velasco.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Ch. 17 Public Relations, Publicity, and Corporate Advertising n Public Relations – n a management function that has as its primary responsibility the.

© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.

TOOL KIT INTERNAL COMMUNICATION. PRESENTERS Faiza Ameer Husnain Yousuf Abeer Amin Atia Iqbal Hasan Aziz.

New Data Regulation Law 201 CMR TJX Video.

Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

A NASSCOM ® Initiative DSCI-KPMG Survey 2010 State Of Data Security and Privacy in the Indian Banking Industry Vinayak Godse Director- Data Protection,

Kholoud AlSafadi Ethical Issues in Information Systems and the Internet.

A ID Theft & ACCOUNT FRAUD Welcome to MoneyWI$E A CONSUMER ACTION AND CAPITAL ONE PARTNERSHIP Prevention & Cleanup.

Social Media Jeevan Kaur, Michael Mai, Jing Jiang.

Implementing and Auditing Ethics Programs

HROFFICE USER CONFERENCE 2005 Creating an Effective Ethics and Compliance Program Ascentis User Group September, 2005.

Track II: Introduction and Overview of Financial Services and Information Technology Privacy Policy: Synthesizing Financial Services Industry Privacy David.

Responding to a Security Incident Maryland Security Day March 2, 2004 Joy Hughes, CIO

Case Study: Department of Revenue Data Breach National Association of State Auditors, Comptrollers and Treasurers March 21, 2013.

Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.

Chapter 12 by Lisa Reeves Bertin Securing Information in a Network.

Implementing and Auditing Ethics Programs

New Realities. New Opportunities. Engaging employers on immigrant employment Elizabeth McIsaac, TRIEC Toronto LIPs Labour Market Meeting 14 April 2010.

AUTHENTICATION IN AN INTERNET ENVIRONMENT Dominick E. Nigro NCUA Information Systems Officer.

1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.

The Significance and Evolution of End User Privacy Julie Earp College of Management North Carolina State University WISE 2010 Sponsored by TRUST June 21-24,

1 Office of the Privacy Commissioner for Personal Data Hong Kong SAR Tony LAM Deputy Privacy Commissioner for Personal Data Asian Personal Data Privacy.

» Jun 9, 2003 Speaker Verification Secure AND Efficient, Deployments in Finance and Banking Jonathan Moav Director of Marketing

Logging Antivirus Examples Use recent examples from media of such attacks (RSA, Epsilon, Oak Ridge National Labs, HBGary). Articles in business magazines.

Dangerous Documents. Legal Compliances State and federal laws Contractual obligations Subject to an affirmative legal duty to establish and maintain certain.

Information Security Governance and Risk Chapter 2 Part 3 Pages 100 to 141.

Protecting Your Organization Identity Theft and Data Breach.

Greater Toronto Hockey League The Implementation of PIPEDA and Amateur Sports – A Case Study.

Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.

1 User Policy (slides from Michael Ee and Julia Gideon)

A PRACTICAL GUIDE TO RESPONDING TO A HEALTHCARE DATA SECURITY BREACH May 19, 2011 | State College, PA Matthew H. Meade Stephanie Winer-Schreiber.

The Impact of Privacy on HP’s Customer Relationship Management Solution Mike Overly Vice President, Marketing © 2003 Hewlett-Packard Development Company,

00 CHAPTER 1 Governance, Ethics, and Managerial Decision Making © 2009 Cengage Learning.

The Privacy Symposium – Summer 2008 Identity Theft Resource Center Jay Foley, Executive Director Presents: Privacy: Pre- and Post-Breach © Aug 2007.

1 Canadian Accredited Independent Schools Annual General Meeting October 14, 2011 Executive Director Report.

G:\99Q3\9220\PD\AJD2.PPT 1 Harriet P. Pearson Chief Privacy Officer IBM February 7, 2003 IBM.

0 Best Practices in achieving Good Corporate Governance - a Practitioner’s Perspective “We have no lessons to give, only experience to share” June 2005.

Unit 9: Electronic Fraud Professor Thomas Genovese.

The Direction of Information Security and Privacy in State Government Presented by Colleen Pedroza Chief Information Security Officer California State.

CYBER SECURITY & ITS IMPACT ON FINANCIAL STATEMENTS AUDITS BOB WAGNER TUESDAY, NOVEMBER FLORIDA SCHOOL FINANCE OFFICERS ASSOCIATION CONFERENCE.

CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)

1 Consumer Affairs Overview MTAC Mike Spates, Vice President & Consumer Advocate 2/23/2005.

Mary Trauner Senior Research Scientist Georgia Institute of Technology Middleware for Video.

Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.

MGMT 452 Corporate Social Responsibility

Protection of CONSUMER information

Dr. Karen A. Forcht Professor of Information and Decision Sciences

Who Uses Encryption? Module 7 Section 3.

General Counsel and Chief Privacy Officer

Consumer Privacy An Introduction

Unit 8 Network Security.

Colorado “Protections For Consumer Data Privacy” Law

Anatomy of a Common Cyber Attack

Presentation transcript:

Smarter Decisions. Safer World. ICAE Conference Identity Theft Review Steve Keen

2 “Achieve industry-leading credentialing, compliance and privacy program objectives that reinforce the responsible use and protection of ChoicePoint data and services and continue to build credibility with the privacy community and the public” Policy Review and Development Customer, Employee and Vendor Compliance Outreach & Communications ChoicePoint’s Strategic Goals & Direction

Organizational Actions Created independent office of Credentialing, Compliance and Privacy that reports to the Board of Directors Established full-time liaison with law enforcement Engaged Ernst & Young to conduct a best practices study of ChoicePoint Established Corporate Credentialing Center

4 Identify Theft Related Processes Free Consumer Reports – Fact Act, Public Records, File Disclosure Marketing Opt Out Program File Freeze Compliance Program for: – (NV - 10/05, NJ - 1/06, ME - 2/06) Consumer Verification (Manual/Smart Questions) Customer Credentialing – Physically/Electronically Mask Personally Identifiable Information (PII) Eliminated support for Non-Sponsored Agents

5 Technology Solutions Implemented Password Reset using Biometrics (Voice Prints) US Internet Access Policy External/Internal Server Scans Eliminating contributions on Physical Media Encryption (SSL, SFTP, PGP)

6 Selected Best Practices to Consider External Scrutiny Enhanced Network/Access Security Tools –(Two Factor Login, IDS, IPS) Physical Office Security Review Employee Security Awareness Program

7 External/Public Efforts Identity Theft Resource Center – Privacy at ChoicePoint – Visits to Customers and Conferences

8 CSO Identity Theft Survey – 7/21/2005 Source: CSO Magazine Out of 389 CSO’s and senior Security Executives 58% - Identity Theft can be prevented 29% - Will happen regardless of consumer precautions 74% - Both the consumer and lax security at organizations was to blame 16% - Due to an organizations failure to protect data