Texas amended its existing data breach notification law which became effective on September 1, 2012. The relevant section of the law is titled “Notification Required Following Breach of Security of Computerized Data” and is found at Section 521.053 of the Texas Business and Commerce Code. The main body of the law provides as follows: (b) A…
Tag: Information security
Cybersecurity risk — think its material? (hint: the SEC does!)
That’s right — the Securities and Exchange Commission has determined that risks associated with cybersecurity can be material enough to require that they be included in companies’ disclosures. The SEC issued a disclosure guidance on October 13, 2011 to alert companies that these risks may fall within their existing disclosure requirements. In other words, what…
Please share this!
We Are The Biggest Security Risk To Our Companies
“We are the weakest link.” Wow, this is certainly the theme of the last few weeks — people are realizing that the biggest threat to companies’ security defenses are the people people inside the companies. You may recall that I discussed this issue in two blogs about this over the last couple of weeks: Guarding…
Please share this!
Guarding Against the Inside Job (Part 1 of 2)
“You are only as strong as your weakest link” It is becoming clear that the weakest link in most companies’ information security defenses is the people who work inside the company. The company must identify the most likely risks those people face, train them to minimize those risks, develop policies to protect against those risks,…
Please share this!
Data Breach – Who’s Gonna Get It?
The message–that’s what I’m talking about–who’s gonna get the message first? Data breaches, hacking, and privacy are one of the biggest news stories for 2011 and we are just just barely through the first half of the year. By now even the most zoned-out among us should have heard of the hacking that led to…
