All Data Protection articles – Page 2

  • Article

    Preparing for the EU’s new Data Protection Rule

    2016-01-26T09:00:00Z

    Sweeping changes to the EU’s data protection laws means new compliance headaches for any U.S. company that collects and handles data on citizens of the European Union. “It’s a game changer, primarily because it sets standards that many companies haven’t had to worry about,” said Hilary Wandall, associate vice president ...

  • Article

    Mitigating Cyber-Threats From the Inside Out

    2016-01-12T09:30:00Z

    As attacks on corporate networks become more common, companies are getting more adept at protecting their most valuable assets against cyber-threats outside the company, but it’s the insider threats that continue to elude many. Inside, we walk through the difficult part of insider-threat programs: not just creating the program and ...

  • Blog post

    Bills Advance to Sharpen SEC’s Small Business Focus

    2015-12-09T14:45:00Z

    The House Financial Services Committee has approved a slate of bipartisan bills and resolutions intended to “protect consumers, grow the economy, strengthen government transparency, and help lead the fight against terrorists.” Among the bills is legislation that establishes an Office for Small Business Capital Formation within the SEC and ...

  • Article

    Cloud Security Is a Challenge for Users and Providers

    2015-11-24T13:30:00Z

    As more cloud storage providers evolve from consumer-based products to enterprise-grade services, compliance challenges are evolving along with them. Before entering into a service contract, companies must determine whether their data will be safe and all is in compliance with a growing list of regulations and security frameworks. The added ...

  • Blog post

    With Safe Harbor Squashed, What's Next for European Data Transfers?

    2015-10-06T12:45:00Z

    As anticipated, on Tuesday the European Court of Justice ruled the Safe Harbor program for international data transfers between the United States and European Union is invalid. While U.S. officials fret that the ruling will “undercut the ability of other countries, businesses, and citizens to rely upon negotiated arrangements with ...

  • Article

    Data Security Impasse Overturns Safe Harbor Program

    2015-10-06T12:15:00Z

    An Austrian student’s displeasure with Facebook has invalidated the longstanding trans-Atlantic Safe Harbor program for international data transfers. That complaint, originally about Facebook’s alleged cooperation in U.S. government spying, has reached the highest court and Europe and overturned 15 years of data privacy rules. Companies are left with few viable ...

  • Article

    The Global State of the Right To Be Forgotten

    2015-08-18T12:00:00Z

    More than a year after the EU established is right-to-be-forgotten principle, U.S. compliance professionals in the tech sector probably wish the decision itself could be forgotten, too. France is insisting that the principle be applied worldwide; even before that ever happens, compliance within Europe is laborious and complicated. Our latest ...

  • Article

    Suddenly, Washington Is Back at Cyber-Security Discussion

    2015-05-12T14:30:00Z

    Image: For the first time in years, Washington is abuzz with proposed changes to cyber-security disclosure, both in Congress and at the SEC. Above all, experts say, is a need to clarify terminology and expectations. “There should be minimum standards for what that security should be across the board,” says ...

  • Article

    Data Governance 101: Getting Started

    2015-04-14T14:00:00Z

    Amassing terabytes of data is easy; for most businesses, managing those valuable—and sometimes very risky—assets is the hard part. A successful data governance initiative, experts say, isn’t a project you can hand off to the IT department or solve with a software purchase. Compliance, audit, and risk executives all need ...

  • Article

    Preparing Your Board for Cyber-Security Oversight

    2015-03-17T14:15:00Z

    Every board knows its company will fall victim to a cyber-attack and, worse, that the board will need to clean up the mess and superintend the fallout. This week, guest columnist John Stark, a long-time student of cyber-security risks, breaks down the fundamentals any board must establish for cyber-security, and ...

  • Blog post

    EU Data Supervisor Pushing Strengthened Privacy Laws

    2015-03-11T13:45:00Z

    Image: Title: ButtarelliThe European Union’s Data Protection Supervisor Giovanni Buttarelli told officials in Washington that the EU’s ambitious overhaul of its data regulations will “place the individual more firmly at the heart” of technology, by boosting transparency and individual control. Buttarelli said the reforms will be backed by real teeth, ...

  • Blog post

    White House Unveils New Data Security Efforts

    2015-01-12T14:00:00Z

    On Monday, President Barack Obama proposed several new initiatives intended to enhance data security and combat identity theft. Among the proposals is legislation requiring companies to notify customers within 30 days when their personal information has been exposed, criminalizing the overseas trade in identities, and preventing certain uses of student ...

  • Article

    Preparing for Pay Rules, Privacy, and a New Congress

    2015-01-06T16:15:00Z

    The SEC is likely to spend 2015 churning through as much rulemaking for the Dodd-Frank Act as it can, never mind being years behind schedule on that front. To complicate matters for the agency, Congress is also likely to try repealing some parts of the law even before the SEC ...

  • Blog post

    Podcast: Navigating the Pitfalls of Geolocation Data

    2014-12-22T16:00:00Z

    Uber, Snapchat, and Golden Technologies are the latest companies to come under fire for how they use the geolocation data they collect from their customers. In this week’s podcast, we talk to Fernando Bohorquez, a partner at the law firm BakerHostetler who specializes in privacy and data security issues, about ...

  • Article

    It May Be Voluntary, but NIST Framework Is a Crucial Cyber-Security Tool

    2014-12-16T09:30:00Z

    Each day, it seems another big-name company falls victim to a cyber-attack. The new framework for assessing the security flaws, developed by the National Institute of Standards and Technology, may be intended for critical-infrastructure companies, but other businesses may find that its guidance offers more help than the mélange of ...

  • Article

    Companies Struggle Over When to Report They’ve Been Hacked

    2014-12-02T15:00:00Z

    Image: When a company discovers that sensitive data has been compromised, two of the toughest decisions that it faces are whether and when to let regulators, customers, and the public know about the loss. While companies may be hesitant, government officials say they can help. “Getting search warrants, arrest warrants, ...

  • PartnerBreach
    Article

    Are Your Business Partners Letting the Hackers In?

    2014-11-25T15:00:00Z

    For Target, it was a heating and air conditioning company. At a large oil company it was a nearby Chinese restaurant. Hackers increasingly use third-party relationships to gain access to computer networks and steal data. The trend means that companies need to conduct even better due diligence on third-party relationships ...

  • Article

    The Real Data Breach Risks Are Right Under Your Nose

    2014-11-11T13:45:00Z

    While companies fret about shadowy hackers based in Russia and China hell bent on stealing customer information, employees—not cyber-criminals—pose the biggest threat to create data breaches and data loss, according to a recent study. Ungoverned and negligent file-sharing by employees is hitting epidemic proportions: More than half of respondents to ...