Companies Are Making Cybersecurity a Top Priority 14:24, October 3, 2016

Our Resources

Category: data security

Cybersecurity, also known as data security, is the top compliance priority of major corporations and organizations. In its 2016 Compliance & Risk Report: CCO’s Under Scrutiny, global law firm DLA Piper, which advises companies on cybersecurity matters, encapsulated survey results of 78 in-house counsel and compliance officers. By far, the most universal compliance risks identified were […]

read more

Effective January 1, 2017, California expands its data breach notification law to require consumer notice when the security of encrypted personal information is breached and the encryption key or security credential is also compromised. “Encryption key” and “security credential” mean the confidential key or process designed to render the encrypted data useable, readable, and decipherable. […]

read more

We have previously written about ransomware, password reuse, and the DNC security hacks, but this post is about a common risk that lurks in the shadows, aptly called “Shadow IT.” Contrary to what its name implies, Shadow IT is not the malicious creation of hackers. Instead, it is personal communication and content sharing software that employees […]

read more

A Ponemon Institute report on closing data security gaps shows that insider negligence is the leading cause of data loss or theft. The report, sponsored by Varonis, is called Closing Security Gaps to Protect Corporate Data: A Study of US and European Organizations. The study surveyed 3,027 employees in the US, the UK, Germany, and […]

read more

LabMD was a clinical laboratory that performed tests for physicians who would download patients’ personal information to LabMD’s network, order tests, and access the test results. In many instances, LabMD retrieved the personal information of all patients in physicians’ databases, even if LabMD was not performing tests for those patients. The Federal Trade Commission (FTC) […]

read more

The US Department of Health and Human Services (HHS) states in a Fact Sheet on Ransomware and HIPAA that ransomware may result in a breach that must be disclosed under the HIPAA (Health Insurance Portability and Accountability Act) Privacy Rule. Ransomware is malware (malicious software) that denies users access to their data, usually by encrypting […]

read more

On July 12, 2016, the EU approved a framework for transferring European citizen data to the US. Known as the Privacy Shield Framework or, “Privacy Shield,” it requires US companies to take extra precautions to protect the privacy of personal information belonging to EU citizens when that data crosses the Atlantic. The need for a […]

read more

Over half of the data breaches in 2015 were carried out using legitimate credentials. According to the 2016 Verizon Data Breach Investigations Report, there were 1,429 incidents of credential theft last year, and 63% of confirmed data breaches exploited stolen, weak, or default passwords. Data security experts call this a “password reuse crisis” and “low-hanging […]

read more

Russian espionage, presidential campaign strategy, and covert actions shroud the recent data security hack of the Democratic National Committee’s (DNC) system in political intrigue. At first, it may seem too James Bond to the modern American workplace. But, by looking at how the DNC reacted amidst the legal and risk management backdrop, we can learn […]

read more

Are you confident that your employees know the value of your organization’s sensitive information and treat it with the requisite respect? Two recent employment law court cases with polar opposite consequences illustrate the need for data security vigilance and strong data protection measures to keep confidential information secure. Prison Breach Bernice Forrester, an employee of […]

read more
1 2 3 4

White Paper
Data Security training
for employees

  |   Download White Paper

 

Compliance Course Catalog
  |   Download Catalog