Easiest way to breach a bank? Just hold-em-mop!

On July 29, 2011, Massachusetts Attorney General Martha Coakley announced a $7,500 settlement with Belmont Savings Bank following a May 2011 data breach involving the names, Social Security numbers and account numbers of more than 13,000 Massachusetts residents. The bank has stated that it has no evidence of unauthorized access to or use of consumers’…

Expanding Security Breach Notification Requirements in California

A new amendment to California’s security breach notification law will raise the stakes for businesses required to give notice of a data security breach affecting California residents. California Senate Bill 24 (“SB 24”), signed by Governor Brown on August 31, 2011, imposes detailed new requirements for the content of security breach notices. Significantly, SB 24…

Geolocational Privacy and Surveillance Act – First Blush

The law does not lead, it follows. Our system is very reactive in nature. It tends to change, to no surprise of mine, as people generally do: as a direct result of negative events or influences. Smokers quit following the heart attack, and our legal system creates laws based upon past events. GPS technology has been around…

The PCI Challenge

It is frequently in the news. Reports have been written. Punitive and compensatory damages have been awarded. Companies around the globe have been challenged to find the resources required to comply with the Payment Card Industry Data Security Standard (PCI DSS). The prime PCI DSS objective is to protect cardholder data. The prime objective of…

Juris Doctor 135-143 of 161: The Geek Shall Inherit the Universe

Cyber-espionage and cyber-warfare pose the greatest threat to our society today. No longer are massive militarized forces with the most advanced weaponry the force to fear. The forces to be feared now are computer geeks. A single person or just a few cyber-savvy individuals working together as a team now possess the power to bring…

Dropbox? More Like Dropball!

There has been a putative class action complaint filed on June 22, 2011, in the United States District Court, for the Northern District of California alleging that the popular cloud-based storage provider Dropbox, Inc. failed to secure its users’ private data or to notify the vast majority of them about a recent data breach. According…

How do you transition your IT teams from a technology to business mindset?

It is incumbent upon the technology leadership, who should already have an excellent business grasp, to mentor, demonstrate and illustrate what lines of activities comprise the essence of the company’s mission. Only then will the supporting staff be able to accurately support those business activities with an accurate technological layer. If the technology leader does not…

New PCI Data Security Standards for Cloud Compliance

The PCI Security Standards Council’s Virtualization Special Interest Group recently published its “Information Supplement: PCI DSS Virtualization Guidelines” (the “Guidelines”) to Version 2.0 of the PCI Data Security Standard (“PCI DSS”). The Guidelines provide context for the application of the PCI DSS to cloud and other virtual environments, and offer at least three critical reminders: