After a breach, some organizations meet the minimum requirements for notification and then hope for the best. The Utah Department of Health is taking a very different approach that's worthy of imitation.
When it comes to breach planning and response, well-intentioned organizations often go wrong. Experian Data Breach Resolution VP Michael Bruemmer tells where they fail and offers advice on how to do these important jobs right.
"If I came into this job thinking the way I once thought, I'd be worthless," RSA Chief Information Security Officer Eddie Schwartz says. "If your playbook as CISO has not changed in the last seven years ... you're in deep trouble."
RSA CISO Eddie Schwartz says he spends more time talking to other chief information security officers and IT security practitioners today than he did a decade ago, when he held the same job at Nationwide Insurance Co.
Two unencrypted USB keys carrying copies of information about voters in Ontario, Canada, are missing, potentially exposing information on between 1.4 million and 2.4 million individuals, according to Elections Ontario officials.