Tag Archives: Data Breach Response

Employee Viewing Information Without Authorization Triggers Data Breach Notification Obligation for Credit Union

An employee of Golden State Credit Union viewed member account information, containing Personally Identifiable Information (PII), without having the requisite authority to view such accounts. This action — alone — was sufficient to trigger the notification requirement of the California data breach notification law, at great expense and frustration for the Credit Union, which offered …

Continue reading “Employee Viewing Information Without Authorization Triggers Data Breach Notification Obligation for Credit Union”

Why every CIO needs a cybersecurity attorney (my comments on why this is my favorite article ever)

Wow, this article seriously just made my day. I will apologize in advance to my friend and CSO writer and Michael Santarcangelo (@catalyst), but this may very well be my favorite article — anywhere — of all time! And, thank you, Tom Hulsey (@TomHulsey), for sharing it with me! As for you, Ms. Kacy Zurkus (@KSZ714), all I can …

Continue reading “Why every CIO needs a cybersecurity attorney (my comments on why this is my favorite article ever)”

Why Your Company Needs a Breach Response Plan: Key Decisions You Must Make Following A Data Breach

Companies must be prepared for a data breach. It is just a fact of life, plain and simple. The developing standard of care requires that companies give some thought to how they will respond when the inevitable occurs — and they really, really, really should have a written Incident Response Plan in place. This is part …

Continue reading “Why Your Company Needs a Breach Response Plan: Key Decisions You Must Make Following A Data Breach”

Cybersecurity & Data Breach: You Don’t Drown From Falling Into the Water

“You don’t drown from falling into the water, you drown from not getting out.” Think about that — and think about how that applies to cyber security and data breach issues facing companies in today’s cyber world. Here, in my first ever video blog post, I explain this issue with more detail.

Really??? Proposed legislation would allow companies to keep some data breaches secret

Let me make sure I have this right … the same company officials who are currently being warned about cyber risk but are not finding it significant enough to act are going to be the ones who determine whether there is a reasonable chance that customers will be harmed — from their data breach — …

Continue reading “Really??? Proposed legislation would allow companies to keep some data breaches secret”

Excellent information and great company: check out AllClear ID’s “Resources” page

I have always been a fan of AllClear ID for being the best of the best at handling breach response logistics but now, I have to give them a shoutout for another reason. AllClear has a Resources page with some of the very best and most well-respected law firm blogs in the world. While I am …

Continue reading “Excellent information and great company: check out AllClear ID’s “Resources” page”

Cybersecurity Presentation at ACFE 25th Annual DFW Fraud Conference

I am really looking forward to speaking to the 400+ attendees at the Association of Certified Fraud Examiners’ (ACFE) 25th Annual DFW Fraud Conference event on Friday, May 15, 2015. My address is titled Addressing the Most Current Cybersecurity Threats: Don’t Be the Next Victim. You can learn more about this event at this LINK …

Continue reading “Cybersecurity Presentation at ACFE 25th Annual DFW Fraud Conference”

Cybersecurity is a Top Concern for Corporate General Counsel

LawyersWeekly has found that cybersecurity is now one of the top 3 concerns of corporate general counsel. It should probably be the first, given the trend toward finding liability for officers and directors for cybersecurity incidents. See Growing Trend of Officer & Director Liability for Cybersecurity Incidents Here are my key takeaways from the LawyersWeekly article: General counsel’s …

Continue reading “Cybersecurity is a Top Concern for Corporate General Counsel”

Executives & Board: The conversation security leaders need to have about Amy Pascal’s departure

This is an excellent article that covers a very important topic you need to consider. You — as in Executives and Board Members of Companies all around the world. Stop, close your eyes, and ask yourself these three questions that are in this article: “What did you think of the announcement?” (i.e., put yourself in …

Continue reading “Executives & Board: The conversation security leaders need to have about Amy Pascal’s departure”

Happy Data Privacy Day!

What are you doing to observe it? Today is Data Privacy Day! If you have been wondering “what is Data Privacy Day?” then this is your lucky day because not only is today Data Privacy Day, but here is the answer and an explanation for why it really matters to you and your company’s future …

Continue reading “Happy Data Privacy Day!”