"They
can because they think they can.” – Virgil
Top Picks
Oil exec: Prices driven by 'fundamentals'
“The Senate Judiciary Committee called the hearing to explore the skyrocketing price
of oil, which jumped over $3 a barrel Wednesday to a new record of over $132.
The committee grilled executives from Exxon Mobil, ConocoPhillips Co., Shell
Oil Co., Chevron and BP as to how their companies can in good conscience
make so much money, while American drivers pay so much at the pump.”
http://money.cnn.com/2008/05/21/news/economy/oil_hearing/index.htm?cnn=yes
Fraud-prevention pitchman becomes ID theft victim
“Todd Davis has dared criminals for two years to try stealing his identity: Ads for
his fraud-prevention company, LifeLock, even offer his Social Security number
next to his smiling mug. Now, Lifelock customers in
http://www.cnn.com/2008/CRIME/05/22/lifelock.flap.ap/index.html
IT Audit / Internal Audit / Compliance
TVA Needs to Address Weaknesses in Control Systems and Networks
GAO-08-526, May 21.
Report - http://www.gao.gov/cgi-bin/getrpt?GAO-08-526
Highlights - http://www.gao.gov/highlights/d08526high.pdf
Balancing Act: A Risk Management Solution for Spreadsheets
“Every time an employee creates, accesses or manipulates spreadsheet data, errors can
creep in — errors that often go undetected. Failure to effectively safeguard
spreadsheets can expose companies to theft of critical data and serious, even
catastrophic, financial losses. If companies hope to protect their most
important spreadsheets and reduce human and electronic flaws, they need to
adopt a Risk Intelligent approach.”
http://www.deloitte.com/dtt/article/0,1002,cid=207268,00.html?WT.mc_id=Podcast_email_117
IT Process Improvement / Quality Management
ITSMwatch’s Blog
There are a lot of posts on a variety of topics at ITSMwatch.
FMEA and You
“To properly evaluate a process or product for strengths, weaknesses, potential
problem areas or failure modes, and to prevent problems before they occur, it
may be necessary to use a Failure Modes and Effects Analysis (FMEA).”
http://www.fmeainfocentre.com/guides/f0503_FMEA.pdf
Security and Risk Management
PCI DSS compliance: Web application firewall or code review?
“On June 30, Requirement 6.6 of the Payment Card Industry (PCI) Data Security
Standard (DSS) -- whose goal is to ensure that Web-facing applications are
protected against known attacks by either completing a code review or
installing a Web application firewall (WAF) -- moves from a best practice to a
requirement.”
E-Mail Security And Compliance Not Taken Seriously
“’75% of US companies are ‘concerned’ or ‘very concerned’
about protecting the confidentiality of personal identity and financial
information in outbound email. 70% are ‘concerned’ or ‘very
concerned’ about ensuring compliance with financial disclosure or
corporate governance regulations. 68% are ‘concerned’ or
‘very concerned’ about ensuring that email cannot be used to
disseminate company trade secrets or valuable intellectual
property.’”
http://www.informationweek.com/blog/main/archives/2008/05/email_security.html
Six hours to hack the FBI (and other pen-testing adventures)
“It takes a lot to shock Chris Goggans; he's been a pen (penetration) tester since
1991, getting paid to break into a wide variety of networks. But he says nothing
was as egregious as security lapses in both infrastructure design and patch
management at a civilian government agency -- holes that let him hack his way
through to a major FBI crime database within a mere six hours.”
Cyber Terrorism Threat Growing, EU Agency Says
“ENISA said 30 percent of global trade is ‘digitally dependent’ and cited
estimates that spam cost businesses about EU64.5 billion (US$101.43 billion) in
2007, double the 2005 figure. With only 6 percent of spam reaching mailboxes,
ENISA said, the problem is perceived to be under control. However, it is
growing in quantity, size and bandwidth and remains a costly problem.”
http://news.yahoo.com/s/nf/20080527/tc_nf/59975
Healthcare / Bio-Informatics / Care Delivery Organizations (CDOs)
Check out those Medicare hospital ratings
“Officials there are spending $1.9 million for a one-day advertising blitz in 58 local
markets, including
http://newsblogs.chicagotribune.com/triage/2008/05/check-out-those.html
[Very interesting - they identified and reported on two stats they felt were key.]
Human Error / Safety / Environment
Effects of Nanotubes May Lead to Cancer, Study Says
“Microscopic, high-tech ‘nanotubes’ that are being made for use in a wide variety
of consumer products cause the same kind of damage in the body as asbestos
does, according to a study in mice that is raising alarms among workplace
safety experts and others.
http://www.washingtonpost.com/wp-dyn/content/article/2008/05/20/AR2008052001331.html?hpid=sec-health
Global News
“Toyota Motor Corp. (TM) has emerged the world leader in hybrids with its hit Prius,
which has sold more than a cumulative 1 million vehicles over the last decade.
Sometime after 2010, it hopes to sell 1 million hybrids a year”
http://money.cnn.com/2008/05/27/news/international/toyota_hybrid.ap/index.htm?postversion=2008052707
Economics / Business / Misc.
Taxing oil profits: Proceed with caution
“While the debate about
whether or not to tax Big Oil's profit rages on, there's also the debate as to
who is best suited to bet on our future energy choices. The oil companies have
been criticized for being shortsighted and not investing enough in renewable
resources. Indeed, some want to use a windfall profits tax to fund renewable
energy projects. The counter argument to government sponsored R&D is
that when it comes to new technologies, the market picks them best.”
http://money.cnn.com/2008/05/06/news/economy/oil_profits_tax/index.htm?postversion=2008050612
Salamander-inspired therapy may aid injured vets
“Army Sgt. Shiloh Harris'
doctors applied specially formulated powder to what's left of the finger in an
effort to do for wounded soldiers what salamanders can do naturally: replace
missing body parts.”
http://www.cnn.com/2008/HEALTH/05/26/regrowing.body.parts/index.html
End Notes
The News is brought to you by
Titles and links to articles written by me are listed at: http://spaffordconsulting.com/articles.html
and if you have news or feedback you’d like to share, please send an email to george.spafford@....
To subscribe, please send an email to: SGC_Daily_News-subscribe@yahoogroups.com
To unsubscribe, please send an email to: SGC_Daily_News-unsubscribe@yahoogroups.com
Archives of The News newsletter are available at http://www.spaffordconsulting.com/dailynews.html
_____________________________________________
Principal Consultant
ITIL Service Manager, IPRC, CISA
Pepperweed Consulting, LLC®
Office: 269-556-9597
FAX: 208-978-6295
George.Spafford@...