All Data Privacy articles – Page 4
-
Blog
There simply are not enough cyber-security specialists
Companies need to get much more aggressive when it comes to recruiting the right talent to head their cyber-security efforts, writes John Reed Stark.
-
Article
How data analytics is changing the face of compliance
Compliance and risk officers are increasingly using data analytics to prevent and detect bribery and corruption risk, as well as enjoy cost and operational efficiencies. Jaclyn Jaeger explores.
-
Article
Amid corruption scandals, compliance booms in Brazil
It might seem that corruption scandals are one of Brazil’s leading exports this year, but amid renewed government anti-bribery enforcement efforts, the country’s compliance sector is growing by leaps and bounds. Rodrigo Amaral has more.
-
Article
This is not a game: Scenario planning can help protect your organization’s reputation
With some 4,000 cyber-attacks occurring every day, compliance officers are looking for any solution to help protect their organization from cyber-risk. A method worth considering is wargaming: a simulation that provides a live example of what a cyber-attack might look like and illustrates what can be done to better protect the ...
-
Article
EU-U.S. Privacy Shield passes: Now what?
For any U.S. company that collects and handles data on EU citizens, the time to review privacy policies, practices and contracts with service providers and customers is now. Jaclyn Jaeger has more.
-
Article
In cyber-security, the real enemy strikes from within
While organizations are trying to understand their cyber-risk and how best to address it, focusing on external threats can overlook an even greater problem, say guest contributors Mark Dorosz and Jennifer Benson: security flaws from internal employees who don’t understand, or don’t care, about upholding the organization’s defenses.
-
Blog
BDO expands Technology Advisory Services practice
BDO Consulting, a division of professional services organization BDO USA, has appointed Judy Selby as Managing Director in the firm’s Technology Advisory Services practice.
-
Article
Advice for U.S. companies, post-Brexit: Keep calm and carry on
We may be months away from clarity on what the United Kingdom’s vote to leave the EU means for U.S. companies with a multinational presence. Certain compliance challenges are inevitable in light of changing data privacy demands, labor concerns, trade and tax issues, and the prospect of starting from scratch ...
-
Blog
Rapid7 Nexpose Now offers live exposure management
Rapid7, a provider of security data and analytics solutions, announced Rapid7 Nexpose Now, a major enhancement to its vulnerability management solution that gives customers access to live risk and exposure updates as IT environments change.
-
Blog
Cyber-security due diligence: a new imperative
Weak cyber-security is as much a hallmark of corporate mismanagement as poor corporate governance, bad tone from the top, and check-the-box compliance. But by taking the due diligence aspects of cyber-security seriously, compliance officers can turn data protection into an opportunity. John Reed Stark has more.
-
Article
Former FTC Commissioner Brill on data security, privacy protections
Joe Mont speaks to Julie Brill, who for the past six years was among the FTC’s most influential commissioners and an important voice on internet privacy and data security issues. In April, she left public service to join the law firm Hogan Lovells as a partner and co-director of its ...
-
Blog
EU data protection authorities concerned with EU-U.S. Privacy Shield
A draft transatlantic data transfer framework approved in February by the European Commission and the U.S. Department of Commerce received a less-than-enthusiastic response from EU data protection authorities in an opinion released today, effectively giving U.S. companies little assurance as to how they can legally transfer personal data from Europe ...
-
Article
Preparing for a HIPAA compliance audit
The Department of Health and Human Services’ Office for Civil Rights has officially kicked off its second phase of audits for covered entities and their business associates to review compliance with the Health Insurance Portability and Accountability Act’s privacy, security, and breach notification rules. CW’s Jaclyn Jaeger says healthcare CCOs ...
-
Blog
Avoiding Vanguard’s cyber-security stumble
A recent incident at Vanguard in which the company unintentionally sent 71 e-mails pertaining to different customer transactions to a random Vanguard customer triggered a flawed response from the company that demonstrates how SEC-registered entities can underestimate just how difficult it is to manage customer data-related predicaments. CW’s John ...
-
Article
Healthcare, ransomware, and effective cyber-security hygiene
Imagine this: You’re a large healthcare provider whose staff is having trouble accessing vital records in your hospital’s computer network. Your IT department begins an immediate investigation and determines the cause to be a malware attack. Worse yet, the attackers are demanding ransom to obtain the decryption key. How do ...
-
Blog
Apple, the FBI and a terrorist’s iPhone
As the FBI continues its investigation into the deadly San Bernardino terror attack from last December, it has run into an unlikely adversary in Apple, which has refused the Bureau’s requests to defeat the security measures of one of the terrorists’ iPhones. While the legal struggle over this raises the ...
-
Blog
EU, U.S. Agree on New Safe Harbor Framework
The European Union and the United States have agreed on a new framework that will allow for trans-Atlantic data flows between Europe and the United States. The new arrangement will provide stronger obligations on U.S. companies to protect the personal data of Europeans and stronger monitoring and enforcement by the ...
-
Article
Preparing for the EU’s new Data Protection Rule
Sweeping changes to the EU’s data protection laws mean new compliance headaches for any U.S. company that collects and handles data on citizens of the European Union. “It’s a game changer, primarily because it sets standards that many companies haven’t had to worry about,” said Hilary Wandall, associate vice president ...
-
Article
Mitigating Cyber-Threats From the Inside Out
As attacks on corporate networks become more common, companies are getting more adept at protecting their most valuable assets against cyber-threats outside the company, but it’s the insider threats that continue to elude many. Inside, we walk through the difficult part of insider-threat programs: not just creating the program and ...
-
Blog
The Big Challenge in New EU Data Protection Law: Values
This week European officials agreed to a final text for a sweeping new data protection law. Compliance officers in the United States should brace themselves: not only does the legislation threaten huge fines and complicate corporate marketing efforts enormously; it underlines the fundamentally differing views Europeans and Americans have ...