All Data Protection articles – Page 2
-
Article
In cyber-security, the real enemy strikes from within
While organizations are trying to understand their cyber-risk and how best to address it, focusing on external threats can overlook an even greater problem, say guest contributors Mark Dorosz and Jennifer Benson: security flaws from internal employees who don’t understand, or don’t care, about upholding the organization’s defenses.
-
ArticleAdvice for U.S. companies, post-Brexit: Keep calm and carry on
We may be months away from clarity on what the United Kingdom’s vote to leave the EU means for U.S. companies with a multinational presence. Certain compliance challenges are inevitable in light of changing data privacy demands, labor concerns, trade and tax issues, and the prospect of starting from scratch ...
-
Article
Preparing for the EU’s new Data Protection Rule
Sweeping changes to the EU’s data protection laws means new compliance headaches for any U.S. company that collects and handles data on citizens of the European Union. “It’s a game changer, primarily because it sets standards that many companies haven’t had to worry about,” said Hilary Wandall, associate vice president ...
-
Article
Mitigating Cyber-Threats From the Inside Out
As attacks on corporate networks become more common, companies are getting more adept at protecting their most valuable assets against cyber-threats outside the company, but it’s the insider threats that continue to elude many. Inside, we walk through the difficult part of insider-threat programs: not just creating the program and ...
-
Blog
Bills Advance to Sharpen SEC’s Small Business Focus
The House Financial Services Committee has approved a slate of bipartisan bills and resolutions intended to “protect consumers, grow the economy, strengthen government transparency, and help lead the fight against terrorists.” Among the bills is legislation that establishes an Office for Small Business Capital Formation within the SEC and ...
-
Article
Cloud Security Is a Challenge for Users and Providers
As more cloud storage providers evolve from consumer-based products to enterprise-grade services, compliance challenges are evolving along with them. Before entering into a service contract, companies must determine whether their data will be safe and all is in compliance with a growing list of regulations and security frameworks. The added ...
-
Blog
With Safe Harbor Squashed, What's Next for European Data Transfers?
As anticipated, on Tuesday the European Court of Justice ruled the Safe Harbor program for international data transfers between the United States and European Union is invalid. While U.S. officials fret that the ruling will “undercut the ability of other countries, businesses, and citizens to rely upon negotiated arrangements with ...
-
Article
Data Security Impasse Overturns Safe Harbor Program
An Austrian student’s displeasure with Facebook has invalidated the longstanding trans-Atlantic Safe Harbor program for international data transfers. That complaint, originally about Facebook’s alleged cooperation in U.S. government spying, has reached the highest court and Europe and overturned 15 years of data privacy rules. Companies are left with few viable ...
-
Article
The Global State of the Right To Be Forgotten
More than a year after the EU established is right-to-be-forgotten principle, U.S. compliance professionals in the tech sector probably wish the decision itself could be forgotten, too. France is insisting that the principle be applied worldwide; even before that ever happens, compliance within Europe is laborious and complicated. Our latest ...
-
Article
Suddenly, Washington Is Back at Cyber-Security Discussion
Image: For the first time in years, Washington is abuzz with proposed changes to cyber-security disclosure, both in Congress and at the SEC. Above all, experts say, is a need to clarify terminology and expectations. “There should be minimum standards for what that security should be across the board,” says ...
-
Article
Data Governance 101: Getting Started
Amassing terabytes of data is easy; for most businesses, managing those valuable—and sometimes very risky—assets is the hard part. A successful data governance initiative, experts say, isn’t a project you can hand off to the IT department or solve with a software purchase. Compliance, audit, and risk executives all need ...
-
Article
Preparing Your Board for Cyber-Security Oversight
Every board knows its company will fall victim to a cyber-attack and, worse, that the board will need to clean up the mess and superintend the fallout. This week, guest columnist John Stark, a long-time student of cyber-security risks, breaks down the fundamentals any board must establish for cyber-security, and ...
-
Blog
EU Data Supervisor Pushing Strengthened Privacy Laws
Image: Title: ButtarelliThe European Union’s Data Protection Supervisor Giovanni Buttarelli told officials in Washington that the EU’s ambitious overhaul of its data regulations will “place the individual more firmly at the heart” of technology, by boosting transparency and individual control. Buttarelli said the reforms will be backed by real teeth, ...
-
Blog
White House Unveils New Data Security Efforts
On Monday, President Barack Obama proposed several new initiatives intended to enhance data security and combat identity theft. Among the proposals is legislation requiring companies to notify customers within 30 days when their personal information has been exposed, criminalizing the overseas trade in identities, and preventing certain uses of student ...
-
Article
Preparing for Pay Rules, Privacy, and a New Congress
The SEC is likely to spend 2015 churning through as much rulemaking for the Dodd-Frank Act as it can, never mind being years behind schedule on that front. To complicate matters for the agency, Congress is also likely to try repealing some parts of the law even before the SEC ...
-
Blog
Podcast: Navigating the Pitfalls of Geolocation Data
Uber, Snapchat, and Golden Technologies are the latest companies to come under fire for how they use the geolocation data they collect from their customers. In this week’s podcast, we talk to Fernando Bohorquez, a partner at the law firm BakerHostetler who specializes in privacy and data security issues, about ...
-
Article
It May Be Voluntary, but NIST Framework Is a Crucial Cyber-Security Tool
Each day, it seems another big-name company falls victim to a cyber-attack. The new framework for assessing the security flaws, developed by the National Institute of Standards and Technology, may be intended for critical-infrastructure companies, but other businesses may find that its guidance offers more help than the mélange of ...
-
Article
Companies Struggle Over When to Report They’ve Been Hacked
Image: When a company discovers that sensitive data has been compromised, two of the toughest decisions that it faces are whether and when to let regulators, customers, and the public know about the loss. While companies may be hesitant, government officials say they can help. “Getting search warrants, arrest warrants, ...
-
ArticleAre Your Business Partners Letting the Hackers In?
For Target, it was a heating and air conditioning company. At a large oil company it was a nearby Chinese restaurant. Hackers increasingly use third-party relationships to gain access to computer networks and steal data. The trend means that companies need to conduct even better due diligence on third-party relationships ...
-
Article
The Real Data Breach Risks Are Right Under Your Nose
While companies fret about shadowy hackers based in Russia and China hell bent on stealing customer information, employees—not cyber-criminals—pose the biggest threat to create data breaches and data loss, according to a recent study. Ungoverned and negligent file-sharing by employees is hitting epidemic proportions: More than half of respondents to ...
- Previous Page
- Page1
- Page2
- Page3
- Next Page