Identity Theft: The Causes, Costs, Consequences, and Potential Solutions : Hearing Before the Subcommittee on Technology, Information Policy, Intergovernmental Relations, and the Census of the Committee on Government Reform, House of Representatives, One Hundred Eighth Congress, Second Session, September 22, 2004 |
Other editions - View all
Common terms and phrases
assets authentication bank best practices Business Judgment Rule Chairman Clay companies complaints CONGRESS THE LIBRARY Conner consumers controls corporate governance credit card criminal critical infrastructure customers cyber crime cyber security cybercrime database directors e-commerce eBay efforts electronic crime task electronic data employees ensure Federal agencies Federal Trade Commission FISMA fraud HIPAA Homeland Security identify identity crime identity management identity theft implement industry information security InfraGard initiatives Internet investigations involved issue law enforcement agencies LIBRARY OF CONGRESS Martinez million National networks O'Carroll officers operations organizations passwords personal information phishing potential PricewaterhouseCoopers private sector problem protect PUTNAM requirements responsibility RSA Security safeguards Schmidt Secret Service security breaches senior management Social Security number solutions spam SSNs strategy Swindle terrorist Thank theft and phishing threat tion transactions two-factor authentication users victims vulnerabilities Westby zombie
Popular passages
Page 124 - The Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation...
Page 53 - ... groups involved in these types of crimes routinely operate in a multi-jurisdictional environment. This has created problems for local law enforcement agencies that generally act as the first responders to their criminal activities. By working closely with other Federal, state, and local law enforcement, as well as international police agencies, we are able to provide a comprehensive network of intelligence sharing, resource sharing, and technical expertise that bridges jurisdictional boundaries....
Page 120 - I am of the view that a director's obligation includes a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate, exists, and that failure to do so under some circumstances may, in theory at least, render a director liable for losses caused by non-compliance with applicable legal...
Page 126 - ... plans and procedures to ensure continuity of operations for information systems that support the operations and assets of the agency.
Page 125 - This program should provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.
Page 126 - (3) subordinate plans for providing adequate information security for networks, facilities, and systems or groups of information systems, as appropriate; "(4) security awareness training to inform personnel, including contractors and other users of information systems that support the operations and assets of the agency, of — "(A) information security risks associated with their activities...
Page 127 - Act of 2002 and means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.
Page 50 - In addition to providing the highest level of physical protection to our nation's leaders, the Secret Service exercises broad investigative jurisdiction over a variety of financial crimes. As the original guardian of our nation's financial payment systems, the Secret Service has a long history of pursuing those who would victimize our financial institutions and law-abiding citizens.
Page 120 - ... the board failed to act in circumstances where "due attention" would have prevented the loss. In the latter situation, the Caremark court noted that: [I]t would, in my opinion, be a mistake to conclude that . . . corporate boards may satisfy their obligation to be reasonably informed concerning the corporation, without assuring themselves that information and reporting systems exist in the organization that are reasonably designed to provide to senior management and to the board itself timely,...
Page 124 - ... administrative, technical, and physical safeguards for customer information. The objectives of these standards are to: ensure the security and confidentiality of customer records and information; protect against any anticipated threats or hazards to the security or integrity of such records; and protect against unauthorized access to, or use of, such records or information that could result in substantial harm or inconvenience to any customer.