Blog Entry
Data Breaches and Implementing Proactive Security Policies

Overview: Data Breaches & Implementing Proactive Security Policies. Over the past few, there have been some very high-profile instances of data breaches in environments of all types. The case of NSA IT Administrator Edward Snowden, who accessed and shared classified NSA data, has been the most widely publicized of these incidents, and there has been an added push to mitigate future data breaches and examine how these types of incidents actually occurred

Errin O'Connor

Blog Entry
Data Breach Living Wills: Information Theft Response and Recovery Plans

The average total organizational cost of a data breach in the United States in 2015 was $6.8 million. [1] In 2016 alone, over 3,000 publicly disclosed data breaches have occurred so far, representing more than 2.2 billion compromised records. [2] In addition to the upfront expenses, the damage to an organization’s reputation and goodwill can be immense and long-lasting, potentially presenting an existential risk to its future

Megan Mohrmann

Blog Entry
Upcoming Changes in International Data Retention Legislation

Australia – Mandatory Data Breach Notification (MDBN): The Australian Federal Parliament is expected to pass MDBN, which was introduced into the House of Representatives last month as the Privacy Amendment (Notifiable Data Breaches) Bill and is anticipated to take effect in late 2017. This law will require companies that suffer a suspected data breach that is likely to cause serious harm to investigate the breach and to notify both the impacted individuals and the Privacy Commissioner of the breach. Previously, companies were not required to notify anyone of a data breach or hack

Megan Mohrmann

Blog Entry
What are the implications of the provisions of the new EU General Data Protection Regulation (GDPR) on U.S. Businesses?

“Data breach” is defined broadly to include “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.” This is in stark contrast to U.S. companies only reporting data breaches that may result in fraud or identity theft. These enhanced data breach notifications require that data processors and controllers institute “appropriate technical and organizational measures” to protect “the rights and freedoms of individuals,” including encryption, confidentiality, integrity and accessibility of personally identifiable information

Andrew Pery

Blog Entry
The Ends, the Means, and Security Risk Mitigation

But organizations, compliance officers, and, yes, information professionals cannot afford to take this view because the aggregate opportunity for a significant data breach is just so large, and the failure to enforce existing security policies is a litigation nightmare waiting to happen

Steve Weissman

Blog Entry
Identifying Personally Identifiable Information

Data breaches are an everyday occurrence, demonstrating that no enterprise or individual is impervious to vulnerabilities. In 2015, there were 781 known data breaches in the U.S

Megan Mohrmann