Examining the Global Impact of AI + Cyber + Data + Privacy + Law = Business Risk
WHAT ARE YOU DOING TO OBSERVE IT? Today is Data Privacy Day! If you have been wondering “what is Data Privacy Day?” then this is your lucky day because not only is today Data Privacy Day, but here is the answer and an explanation for why it really matters to you and your company’s future …
Continue reading “Happy Data Privacy Day!”
Three Democratic senators introduced legislation Thursday requiring companies to notify customers of data breaches within 30 days of their discovery and imposing a five year prison sentence on organizations caught concealing data breaches.https://www.cyberscoop.com/national-data-breach-notification-law-bill-nelson-uber-equifax-hack/
In the wake of the Equifax and Securities and Exchange Commission’s data breach disclosures, there has been a lot of public outcry over the assertion that it took too long to disclose these data breaches to the public. “Too long” is a relative term, to start with, as I have little doubt that some people will …
Continue reading “Why do data breach disclosures often take too long? Let’s ask the SEC Chairman.”
This is intended to be an old-fashioned “blog” about thoughts on the Equifax data breach. It will be ongoing so please check back regularly. Topics Media interviews and commentary We are seeing shame hacking taken to a new level Will I lead a consumer class action lawsuit against Equifax? Lawsuits and investigations against Equifax What …
Continue reading “Musings about the Equifax Data Breach”
The SecureWorld News Team talked with Shawn Tuma about many of the lessons that can be learned from the Equifax data breach and winnowed it down to the following 3 takeaways that are discussed more thoroughly in the article: We need a uniform national breach notification law in the United States. When it comes to …
Continue reading “Incident Response – 3 Takeaways from the Equifax Breach”
Delaware recently amended its data breach notification law to include the following requirements:Expanded definition of “personal information” to include biometric data, medical information, passport numbers, routing numbers for accounts, individual taxpayer identification numbers and usernames in addition to the traditional forms of PII such as birth date and social security numbers.Notice to affected individuals within …
Continue reading “Key Points of Delaware’s New Data Breach Notification Law”
A good friend recently shared with me the article Verizon GC on the Lessons Learned from Deal with Yahoo (use Linkedin for paywall access) because he thought it would be valuable information to add to my own cybersecurity knowledge toolbox. Given the experience Verizon’s GC has gained through this process, when he talks about lessons […]
What are the pros and cons of a national breach notification law? What are the questions that need to be asked to facilitate this discussion? What are the critical points that need to be made?
A good friend recently shared with me the article Verizon GC on the Lessons Learned from Deal with Yahoo (use Linkedin for paywall access) because he thought it would be valuable information to add to my own cybersecurity knowledge toolbox. Given the experience Verizon’s GC has gained through this process, when he talks about lessons …
Continue reading “5 Key Takeaways from Verizon’s GC on Lessons Learned from Yahoo Deal”
Insider misuse triggers a breach just like outside hackers. When a company’s information is compromised because of insider[1] misuse of computers or information, regardless of insider’s intentions, the result for the company and the data subjects of that information is often the same as if it were an attack by an outside adversary – it …
Continue reading “Insider Misuse of Computers: No Big Deal? It Can Be a Data Breach, Ask Boeing”
You must be logged in to post a comment.