News & Analysis as of

Dealing with High Risk Data

When people think of high risk data, most think of Personal Health Information and Personally Identifiable Information as it relates to HIPAA and the health care industry, but Steve Shebest’s very informative article “High...more

Time To Apply A Risk-Based Approach To Information Security Training

Digital warfare seems to be the name of the game these days. Terrorists attack our database infrastructures and wreck havoc by making personal information public. Look at the most recent attacks on Sony, Chick-Fil-A and...more

Top Five Resolutions for Covered Entities and Business Associates in 2015

The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability...more

A Corporate Counsel’s Guide to Cyber Insurance

On an almost daily basis, you are reminded of why you should worry about the security of your company’s data and information systems. Whether it be from headlines in hard copy, broadcast, or online media, your senses have...more

Cyber-Breach & NISPOM Conforming Change 2 – It’s What’s on the Inside That Counts

Most companies are worried about external threats – things that are coming at their people, their group, their company, their government, all from an outside actor. Like government’s with an eye on counter-intelligence,...more

IP | Trend: Data in the Cloud is the Next Big Storm? [Video]

Convenience, accessibility, and cost have led companies and their employees to put an increased amount of data in the cloud. But, does this put corporate data at risk? Attorneys Seth Northrop and Sam Walling discuss some of...more

Information Security Training Master Class: Winning the Battle against Data Breaches, Malicious and Negligent Employees, and...

Information security has continued to play prominently in the news as this series has evolved. Just today AT&T announced a data breach. Home Depot and Jimmy John’s, also added to the list in the past month, are still...more

New York AG Reports that Data Breaches Cost New York Businesses over $1B Last Year

The current headline in data security is a just-released report from the New York Attorney General's Office (the "AG Report") announcing that the number of reported data breaches more than tripled between 2006 and 2013,...more

Risk Planning and Board Liability

Board members are in the hot seat, or to put it another way – they are in a hot kitchen. The question is whether they can stand the heat of the hot kitchen....more

FFIEC Launches Cybersecurity Resources Web Page

On June 24, the FFIEC unveiled a new web page that will serve as a central repository for current and future FFIEC-related materials on cybersecurity. Although the FFIEC did not release any new resources, the launch shows the...more

Cybersecurity: Having a Privacy Policy is Not Enough

With the rash of significant data security incidents that occurred in 2013 and have continued to this day, it is increasingly important for companies to have an updated cybersecurity preparedness plan. The World Economic...more

FCPA Compliance and Ethics Report-Episode 72-interview with Michael Rasmussen [Video]

In this episode of the FCPA Compliance and Ethics Report, I interview Michael Rasmussen, the GRC Pundit. As the man who coined the phrase 'GRC' Michael is one of the country's top GRC experts. He talks about the recent OCEG...more

FFIEC Advises Financial Institutions On “Heartbleed” Risks

On April 10, the FFIEC issued an alert advising financial institutions of risks associated with “Heartbleed”, a recently discovered material security vulnerability in a commonly used encryption method known as the OpenSSL...more

And On The 12th Day Of Privacy, Something For Directors…..Mind The Gap!

On our last “day of Privacy”, we have a little extra (perhaps a lump of coal….) post: in 2014, cyber risk has been elevated to a board issue – read on and forward to your favorite company director! As we have discussed...more

NIST Proposes Privacy Control Roadmap For Organizations

In an age in which safeguarding the privacy of a person’s information is becoming increasingly challenging, the National Institute of Standards and Technology (NIST) encourages organizations to devote time and resources to...more

FINRA Issues 2013 Regulatory and Examination Priorities Letter

Overview: On January 11, 2013, the Financial Industry Regulated Authority (FINRA) issued its 2013 Annual Regulatory and Examination Priorities Letter (Priorities Letter). This letter is issued annually to highlight...more

16 Results
|
View per page
Page: of 1