Forbes.com reports on a new study showing that although more than 90 percent of federal workers have completed a security awareness training course in the last 12 months, 65 percent of them have never heard of FISMA, the federal IT security standard. The Federal Information Security Management Act (FISMA) defines the U.S. government’s requirements for information security, both in IT and among workers and contractors. FISMA is to government workers what Sarbanes-Oxley is to public companies.
Meanwhile, Wired.com has done a survey that finds most ISPs are reluctant to reveal their data retention policies. Only Cox Communications would even answer the question: "How long do you retain records of the IP addresses assigned to customers." Cox’s answer: six months. AOL says "limited period of time," while AT&T says it varies across its internet-access offerings but that the time limits are all "within industry standards." Comcast, EarthLink, Verizon and Time Warner refused to respond.