We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Andre Yee's Security Insider

Andre Yee

Privacy, Information Theft and Security

Vote 0 Votes

The identity theft of 26 million U.S. veterans and spouses has sparked debate and numerous investigative meetings. That significant data breach will cost us taxpayers over $100M to notify the affected parties and offer credit protection against potential abuses.

You might be thinking that this compromise of privacy information is a rare occurance or a red herring but in fact, this is merely the latest and best publicized incident in recent history. To get a better view into the number and frequency of compromises look at the record and chronology of these events at http://www.privacyrights.org/ar/ChronDataBreaches.htm

Furthermore at the time of writing, the www.privacyrights.org hadn't yet updated to include this latest faux pas.


When will organizations get serious about security? Who knows? Unfortunately, it often requires unfortunate incidents like the Veteran's Administration debacle to spur change. I'm not usually in favor of legislating our way to security but laws like California's SB 1386 legislation need to become nationally adopted. SB 1386 holds companies legally and financially responsible for communicating to customers should information held or stored about any California resident be violated. It's created the necessary incentive for at least some organizations to take seriously the stewardship of privacy data.

Meanwhile companies need be responsible to act before they get acted upon.


Andre - you are right on. The problem isn't the lack of legislation, of even whether it will be effective, but the basic lack of enforced data security.

Financial institutions in particluar need to pay attention to the insider threat - it's alarming that most don't proactively monitor their audit logs, yet this is relatively straightforward to do using real time business intelligence products.

I've posted a blog here http://www.seewhy.com/index.php?option=com_jd-wp&Itemid=27&p=6 which expands on this more fully.

The country does need to start taking ID theft more seriously. Debacle is an understatement. This is more than a monetary issue for the country. These peoples lives will be effected for a very long time. Its not bad enough they turned their life upside down to serve the country but now they have to put up with this for another 10+ years?

The very least the country could have done was protect their ID while they were serving.

An open dialogue about security and compliance for the enterprise.

Andre Yee

Andre Yee is an entrepreneur and technologist with nearly 20 years of experience in the business of technology.

Recently Commented On

Recent Webinars

    Monthly Archives