Corporate Espionage: Hacking A Company Through A Chinese Restaurant Takeout Menu

Corporate espionage (industrial espionage) is a favorite topic of mine. I have written and presented on the subject quite a bit and, while I am never sure how my readers react when I write about this, I do carefully watch the look on my audience members’ faces when I first mention the issue. The story …

3 Important Questions Your Company Must Answer After A Data Breach

Riddle: What has sensitive data, is the target of cyber criminals, and will (almost certainly) have a data breach? Answer: YOUR COMPANY! When your company has a data breach, these are the top 3 questions that you will be required to answer: How did the breach happen? What steps did your company take before the breach …

Is Your Business Following the 3 Steps the FTC is Requiring for Using Data Service Providers?

The Federal Trade Commission now requires businesses to take the following 3 steps when contracting with data service providers: Investigate. Obligate. Verify. Is your business following these steps? Investigate. Businesses are required to investigate by exercising due diligence before hiring data service providers. Obligate. Businesses are required to obligate their data service providers to adhere …

The Indispensability of Cyber Counterintelligence

You already know what a threat hacking and data breaches are to your business, right? Good. In that case, you will appreciate the following post from my friends at SpearTip about cyber counterintelligence. Here’s a little teaser: If your organization is not yet retaining a provider that specializes in this technique, referred to as “Cyber …

Here is an excellent article by my friend and infosecurity expert Allan Pratt explaining how employers can help reduce the risk of having employees telecommute. I trust you will find this very informative.

The Law and the Hacker – Podcast on the Computer Fraud and Abuse Act

Not too long ago I had a nice visit with Rafal Los (@Wh1t3Rabbit) who is otherwise known as the Chief Security Evangelist for HP and blogs at Following the Wh1t3Rabbit – Practical Enterprise Security. Raf is one dude you really need to follow if you’re interested in #infosec. Anyway, our discussion was centered around the Computer Fraud and Abuse …

This Is Why Your Business Needs Cyber Insurance Coverage

Unless your business is selling home-grown vegetables out of a truck on the side of the road, you need to seriously consider getting insurance that covers cyber risks. Why? Because most insurance companies will not willingly cover cyber-related losses under their conventional insurance policies. Trust me, I have fought this battle before! A recent case …

Texas’ Amended Data Breach Notification Law

Texas amended its existing data breach notification law which became effective on September 1, 2012. The relevant section of the law is titled “Notification Required Following Breach of Security of Computerized Data” and is found at Section 521.053 of the Texas Business and Commerce Code. The main body of the law provides as follows: (b)  A …

Cybersecurity risk — think it's material? (hint: the SEC does!)

That’s right — the Securities and Exchange Commission has determined that risks associated with cybersecurity can be material enough to require that they be included in companies’ disclosures. The SEC issued a disclosure guidance on October 13, 2011 to alert companies that these risks may fall within their existing disclosure requirements. In other words, what …

We Are The Biggest Security Risk To Our Companies

“We are the weakest link.” Wow, this is certainly the theme of the last few weeks — people are realizing that the biggest threat to companies’ security defenses is the people inside the companies. You may recall that I discussed this issue in two blogs about this over the last couple of weeks: Guarding …