All Data Security articles – Page 2
-
Article
Suddenly, Washington Is Back at Cyber-Security Discussion
Image: For the first time in years, Washington is abuzz with proposed changes to cyber-security disclosure, both in Congress and at the SEC. Above all, experts say, is a need to clarify terminology and expectations. “There should be minimum standards for what that security should be across the board,” says ...
-
Blog
Study: Social Media Befuddles Compliance
The average Fortune 100 firm has approximately 320 social media accounts and engages with more than 210,000 “followers” annually. The problem, according to a new study, is that the pace, scale, and informal culture of corporate social media creates regulatory risks that go beyond the traditional skill set of compliance ...
-
Article
Data Governance 101: Getting Started
Amassing terabytes of data is easy; for most businesses, managing those valuable—and sometimes very risky—assets is the hard part. A successful data governance initiative, experts say, isn’t a project you can hand off to the IT department or solve with a software purchase. Compliance, audit, and risk executives all need ...
-
Article
Preparing Your Board for Cyber-Security Oversight
Every board knows its company will fall victim to a cyber-attack and, worse, that the board will need to clean up the mess and superintend the fallout. This week, guest columnist John Stark, a long-time student of cyber-security risks, breaks down the fundamentals any board must establish for cyber-security, and ...
-
Article
Where Internal Audit Can Help in Cyber-Security
Image: With yet another huge data breach hitting Corporate America—add insurance giant Anthem to the Hall of Shame—internal audit departments are trying to pinpoint what expertise they can bring to the company’s cyber-security risk assessment. Plenty, many audit executives say. “There are technical aspects of these projects, but regardless of ...
-
Article
When State Attorneys General Come Knocking
Sometimes a sheriff arrives from the federal government to take an enforcement action against your company, and sometimes a posse of state attorneys general follow behind, determined to investigate you too. Such is the case for JP Morgan, now being pressed by 19 states for more detail on its massive ...
-
Blog
Anthem Discloses Huge Data Breach
Health insurer Anthem said hackers gained unauthorized access to its IT systems and stole personal information relating to tens of millions of current and former members and employees. Calling it a “very sophisticated external cyber-attack,” Anthem CEO Joseph Swedish said the breach does not appear to have compromised credit card ...
-
Article
Latest PCI Standard Pushes Toward Risk Management
Image: Version 3.0 of the PCI Data Security Standard goes into effect this month—and maybe, just possibly, it will strengthen companies’ discipline against credit card data theft. The new standard prods companies to approach security as a continuous risk monitoring duty. “You can’t have smooth implementation until you start to ...
-
Blog
White House Unveils New Data Security Efforts
On Monday, President Barack Obama proposed several new initiatives intended to enhance data security and combat identity theft. Among the proposals is legislation requiring companies to notify customers within 30 days when their personal information has been exposed, criminalizing the overseas trade in identities, and preventing certain uses of student ...
-
Blog
ECI Launches New Data Security Solution, PayArmor
Electronic Commerce International, a payment processing solutions provider, today announced the launch of PayArmor, a new way for companies to protect customer data from cyber criminals. PayArmor is a multi-layered suite of security and compliance services built to safeguard businesses against fraud, credit card data security breaches and to ...
-
Article
It May Be Voluntary, but NIST Framework Is a Crucial Cyber-Security Tool
Each day, it seems another big-name company falls victim to a cyber-attack. The new framework for assessing the security flaws, developed by the National Institute of Standards and Technology, may be intended for critical-infrastructure companies, but other businesses may find that its guidance offers more help than the mélange of ...
-
Blog
TD Bank to Pay $625K for Data Breach
TD Bank this week reached a $625,000 settlement with the Massachusetts Attorney General’s Office after losing unencrypted back-up tapes containing personal information of more than 260,000 consumers nationwide, and delaying notice of the incident. The final settlement amounted to $825,000, but the AG’s Office credited the bank $200,000 to reflect ...
-
Article
Companies Struggle Over When to Report They’ve Been Hacked
Image: When a company discovers that sensitive data has been compromised, two of the toughest decisions that it faces are whether and when to let regulators, customers, and the public know about the loss. While companies may be hesitant, government officials say they can help. “Getting search warrants, arrest warrants, ...
-
ArticleAre Your Business Partners Letting the Hackers In?
For Target, it was a heating and air conditioning company. At a large oil company it was a nearby Chinese restaurant. Hackers increasingly use third-party relationships to gain access to computer networks and steal data. The trend means that companies need to conduct even better due diligence on third-party relationships ...
- Previous Page
- Page1
- Page2
- Next Page