Data Privacy

Somehow, U.S. and EU officials find themselves with a Privacy Shield proposal that both goes too far, and yet, not far enough. The Man From FCPA Tom Fox has more.

MediaPro, a security awareness training firm, recently unveiled the Adaptive Awareness Framework, designed to change the way organizations have approached security, privacy, and compliance training. The Adaptive Awareness Framework, MediaPro’s proprietary model for supporting tools needed to expand employee knowledge and change behavior, is closely aligned with and in support of the National Institute of Standards and Technology (NIST) Cybersecurity Framework and emphasizes continual assessment and improvement.

Duff & Phelps, a global valuation and corporate finance advisor, last week launched new cyber-security services that assist financial services companies in identifying and reducing cyber-security risk. This enhanced service offering enables the firm to manage cyber-security risk at every stage of preparedness

France’s data protection regulator has fined Google €100,000 (U.S. $112,000) after it refused to comply with the regulator’s order to remove URLs from search results everywhere. The fine follows a May 2014 ruling by the European Union Court of Justice, affording European citizens the right to ask search engine providers to remove from search results certain personal information about them if the information is “inadequate, irrelevant, or no longer relevant.”

Image: A recent incident at Vanguard in which the company unintentionally sent 71 e-mails pertaining to different customer transactions to a random Vanguard customer triggered a flawed response from the company that demonstrates how SEC-registered entities can underestimate just how difficult it is to manage customer data-related predicaments. CW’s John Reed Stark shares some imperatives for surviving a customer data crisis, while emerging stronger, healthier, and more successful.

Splunk, a software platform provider for real-time operational intelligence, and Herjavec Group, a global managed service provider, recently announced an alliance that includes Splunk solutions at the heart of Herjavec Group’s new managed security service provider offerings. Herjavec Group now offers Splunk Enterprise, Splunk Cloud, and Splunk Enterprise Security (ES) as security solutions to its managed services customers.

Chubb, which has been acquired by the ACE Group, this week announced the launch of Cyber Enterprise Risk Management, as the company continues to invest in its cyber risk capabilities across Europe.

Vera and RFA (Richard Fleischman and Associates), a financial private cloud provider for the asset management community, this month announced a partnership that will make Vera’s advanced data security technology available to hedge funds, private equity firms, and asset managers in the United States, the United Kingdom, and beyond.

As the FBI continues its investigation into the deadly San Bernadino terror attack from last December, it has run into an unlikely adversary in Apple, which has refused the Bureau’s requests to defeat the security measures of one of the terrorists’ iPhones. While the legal struggle over this raises the larger question of how much liberty should be sacrificed in the name of security, at stake for compliance officers is whether or not there can ever be true data security should Apple be forced to do the FBI’s bidding.