Tag Archives: Data breach

Why Your Company Needs a Breach Response Plan: Key Decisions You Must Make Following A Data Breach

Companies must be prepared for a data breach. It is just a fact of life, plain and simple. The developing standard of care requires that companies give some thought to how they will respond when the inevitable occurs — and they really, really, really should have a written Incident Response Plan in place. This is part …

Continue reading “Why Your Company Needs a Breach Response Plan: Key Decisions You Must Make Following A Data Breach”

Cybersecurity & Data Breach: You Don’t Drown From Falling Into the Water

“You don’t drown from falling into the water, you drown from not getting out.” Think about that — and think about how that applies to cyber security and data breach issues facing companies in today’s cyber world. Here, in my first ever video blog post, I explain this issue with more detail.

Businesses Beware: You need to understand and adopt EMV / Chip-and-PIN Technology

“Visa, MasterCard, Discover, American Express and their banking partners have set a government-enforced deadline of Oct. 15 for a “liability shift” that, for the first time, would make merchants liable for fraudulent charges that result from using point-of-service readers that can’t read chip-and-pin EMV cards. The issuers have been implementing the technology, but it’s still …

Continue reading “Businesses Beware: You need to understand and adopt EMV / Chip-and-PIN Technology”

Presentation tomorrow – Collin County Bar Ass’n Corporate Counsel Section – here’s the question:

“What do I talk about?” No, it’s not that I don’t have anything to say — for goodness sakes, you all know that I always have something to say! The problem I am having is that I had planned to talk about cyber risk compliance and the key elements of what a good cyber risk …

Continue reading “Presentation tomorrow – Collin County Bar Ass’n Corporate Counsel Section – here’s the question:”

Really??? Proposed legislation would allow companies to keep some data breaches secret

Let me make sure I have this right … the same company officials who are currently being warned about cyber risk but are not finding it significant enough to act are going to be the ones who determine whether there is a reasonable chance that customers will be harmed — from their data breach — …

Continue reading “Really??? Proposed legislation would allow companies to keep some data breaches secret”

“This is not a security breach.” Really? IRS hit by cyberattack, thousands of taxpayers’ information stolen

Compare and contrast the following statements: “Thieves managed to steal information on more than 100,000 taxpayers from the IRS,” Commissioner John Koskinen said Tuesday “’This is not a security breach. Our basic information is secure,’” Mr. Koskinen insisted. Well, I am glad to know that stealing consumer data from the computer of an entity to …

Continue reading ““This is not a security breach.” Really? IRS hit by cyberattack, thousands of taxpayers’ information stolen”

CareFirst cyberattack causes data breach of more than 1 million members

“Personal information of more than 1 million current and former CareFirst BlueCross BlueShield members was leaked in a cyberattack on the insurer’s database.” The information exposed included names, birth dates, email addresses, and subscriber identification numbers. The attack was similar to the Premera BlueCross breach, which was hit one month earlier than CareFirst. Read more: …

Continue reading “CareFirst cyberattack causes data breach of more than 1 million members”

Excellent information and great company: check out AllClear ID’s “Resources” page

I have always been a fan of AllClear ID for being the best of the best at handling breach response logistics but now, I have to give them a shoutout for another reason. AllClear has a Resources page with some of the very best and most well-respected law firm blogs in the world. While I am …

Continue reading “Excellent information and great company: check out AllClear ID’s “Resources” page”

FTC Gives Good Reason to Not (Try to) Hide Data Breaches

Why do I need to report a data breach? This is a common question that business owners ask me all of the time. In response, I rattle off a laundry list of reasons why reporting is not optional — but mandatory. This includes ethical stewardship and obligations, business and public relationship reasons, and finally legal …

Continue reading “FTC Gives Good Reason to Not (Try to) Hide Data Breaches”

Cybersecurity Risk: Law and Trends – Ethical Boardroom Article

The law is trending toward more risk of liability for Officers and Directors. Learn more about this from my recent article in Ethical Boardroom — full text available without paywall here: Cybersecurity Risk: Law and Trends. Learn more about the CyberGard Business Cyber Risk Management Program