In the wake of a federal appeals court ruling last year vacating a Federal Trade Commission enforcement action against LabMD, the FTC's data security consent orders are becoming far more detailed and rigorous, says former FTC attorney Julie O'Neill.
Asking the right questions is the first critical step in implementing appropriate cyber hygiene and minimizing exposure to regulatory scrutiny and litigation. Too often, organizations fail to ask those questions. Typically, this is because the C-Suite executives, who are expected to engage and oversee cybersecurity,...
Billions are being spent globally on cybersecurity every year, yet regularly we are hearing of new breaches each more significant than the previous. The physical security of your infrastructure and your ability to protect your digital assists has never been more interconnected and critical to the survival of your...
When it comes to cybersecurity, the past twelve months have been busy in Canada. With the coming into force of mandatory breach reporting, major court decisions in the Casino Rama and Rouge Valley Hospital cases and headline-grabbing breaches, such as Desjardins and Air Canada, there has been no shortage of lessons...
U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
Risks associated with cyber security incidents and business interruption are major concerns for companies worldwide. Improperly managed, cyber security incidents like ransomware can bring companies to a standstill and the resulting financial losses can have a substantial impact. Using real life examples, learn how...
Whether you're a large enterprise that has experienced a headline data breach or a midmarket organization that has just been paralyzed by ransomware, you share points in common. Which law enforcement agency do I call after the incident has been discovered? What do I do - and not do with the affected systems? What...
The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
The relationship between American Medical Collection Agency and its laboratory clients affected by the company's data breach will be closely examined as breach-related lawsuits progress, says attorney Paul Hales, a HIPAA specialist, who explains why.
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security.
The latest edition of the ISMG Security Report features a deep dive into an analysis of the cybersecurity risks that publicly traded companies face. Plus: Was the band Radiohead hacked? And what's unusual about the proposed Premera Blue Cross breach lawsuit settlement?
What stands out most about a proposed $74 million settlement of a class action lawsuit against Premera Blue Cross in the wake of a 2014 data breach? Technology attorney Steven Teppler offers insights in this interview.
The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.
A proposed settlement in a class action lawsuit filed against ULCA Health in the wake of a 2015 cyberattack affecting 4.5 million individuals stands apart from other settlements because it requires the organization to spend a substantial sum on improving its security, says attorney Steven Teppler.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
