Jump to content

The Cadets and GH history of sexual abuse (news article)


Recommended Posts

1 hour ago, Jeff Ream said:

Like I said previously...plantar fasciitis is preferable.

Link to comment
Share on other sites

1 hour ago, rpbobcat said:

Thanks fort the link,I think.

sorry i should have put up a disclaimer

Link to comment
Share on other sites

I’m sorry but grant from IBM? 

Glad I did not discover newsgroups until later....

Link to comment
Share on other sites

16 hours ago, Jeff Ream said:

Apparently someone hacked YEAs site. Couldn’t imagine why :whistle:


Hacked again?   Yikes.   It is disappointing to me that they are still struggling with these types of cyber security issues.   This winter my kid attended the camps in NJ, when the folks found out that I worked in the cyber security / compliance field they introduced me to GH.   He disclosed to me at least two recent technology specific security and compliance "events" that they were still dealing with.   I was told that their legal team / insurance company has been asking for a formal security and compliance audit (this is NOT a financial audit) for some time.

I live way too far away to do a long term on-site pro bono security and compliance assessment, but as a courtesy I called out several common sense security controls which must not have been implemented (ie at minimum deploy multi-factor authentication for critical administrative accounts, encryption of data at rest, Internet facing vulnerability assessment scans, etc). 

The reason I call this out at all is because the data they collect on prospective marching members definitely has some elements of both PII (Personally Identifiable Information) and PHI (Protected Health Information), both of which are regulated at both the state and federal levels.   I think most non-profit organizations struggle with this type of thing, hopefully this is sorted out as well, would hate that any MMs end up the victim of identity theft.   To a large degree this is a problem that all corps DCI/DCA would have to address, I have often wondered if DCI provided cyber or business best practices to every corps but after the disheartening month we have had my guess is they do not...  or it is not followed very closely by some organizations.

I have read DCP for years but seldom post (I hate politics), I hope the above comments are not a distraction from the theme of this thread, prayers to those girls who have had to suffer in silence for so long.

 

 

 

 

  • Like 7
  • Thanks 2
Link to comment
Share on other sites

Thanks for bringing up the PII issue with hacking. Never thought about it hitting insurance but makes great sense. Yeah deal with IT security too in other ways

Link to comment
Share on other sites

44 minutes ago, mkelley said:


Hacked again?   Yikes.   It is disappointing to me that they are still struggling with these types of cyber security issues.   This winter my kid attended the camps in NJ, when the folks found out that I worked in the cyber security / compliance field they introduced me to GH.   He disclosed to me at least two recent technology specific security and compliance "events" that they were still dealing with.   I was told that their legal team / insurance company has been asking for a formal security and compliance audit (this is NOT a financial audit) for some time.

I live way too far away to do a long term on-site pro bono security and compliance assessment, but as a courtesy I called out several common sense security controls which must not have been implemented (ie at minimum deploy multi-factor authentication for critical administrative accounts, encryption of data at rest, Internet facing vulnerability assessment scans, etc). 

The reason I call this out at all is because the data they collect on prospective marching members definitely has some elements of both PII (Personally Identifiable Information) and PHI (Protected Health Information), both of which are regulated at both the state and federal levels.   I think most non-profit organizations struggle with this type of thing, hopefully this is sorted out as well, would hate that any MMs end up the victim of identity theft.   To a large degree this is a problem that all corps DCI/DCA would have to address, I have often wondered if DCI provided cyber or business best practices to every corps but after the disheartening month we have had my guess is they do not...  or it is not followed very closely by some organizations.

I have read DCP for years but seldom post (I hate politics), I hope the above comments are not a distraction from the theme of this thread, prayers to those girls who have had to suffer in silence for so long.

 

 

 

 

cyber security is an issue world wide...governments, major companies...so that it happens to a drum corps website isnt a surprise.

 

not saying i condone it, but it's a real threat at all levels

  • Like 2
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...