How Breaches like Target and Home Deport are Changing the Role of the CISO

With the 1 year anniversary of the Target data breach approaching much has changed in the privacy and information security landscape since the mega breach.  No position has felt the ripple more than the Chief Information Security Officer.  The risks have not subsided, or the challenges reduced, but the level of publicity those two breaches […]

Read full story Comments { 0 }

Why Organizations Should Automate Incident Response

Organizations are seeing a spike in privacy and security incidents and it is becoming clear that manual processes just isn’t adequate.  Privacy and security professionals are turning to automation to help tackle the volume and complexity of these incidents.  A recent whitepaper in conjunction with the CISO Executive Network outlines how leading CISOs from all […]

Read full story Comments { 0 }

Why consistent incident risk assessment is so hard, yet so important

Organizations have a renewed focus on privacy & security incident assessment and response but continue to struggle with consistent processes.  The importance of a consistent incident risk assessment cannot be overstated.  The article below breaks down the reason why consistency is so important and why it is so challenging. Why it is so important: “If […]

Read full story Comments { 0 }

4.5 Million Patients Exposed in Community Health Services Data Breach

According to multiple reports coming out of Illinois, Chinese hackers have siphoned the personal information of approximately 4.5 million patients out of Community Health Services network.  To put that in context, that’s almost the population of Ireland (4.7 Million). “While the attack certainly generates negative publicity for the company, CHS says it has insurance for […]

Read full story Comments { 0 }

Data Incident Response – You’re Doing it Wrong!

Using a GRC platform, spreadsheet or homegrown system to manage your privacy and security incident response?  You’re doing it wrong!  You need the right tool for the job! About five years ago I walked into a fly fishing shop near me looking for some flies.  At the time I didn’t know much about fly fishing, […]

Read full story Comments { 0 }

7.3 Million New Yorkers Exposed in Data Breaches in 2013

The attorney general of New York recently released a data breach report revealing that over 900 breaches resulted in the exposure of 7.3 million new yorkers sensitive information during 2013.  The breaches at Target and LivingSocial make up the largest chunk of that breached data but with 900 breaches during the whole year, businesses of […]

Read full story Comments { 0 }

Florida Updates Its Data Breach Law – Florida Information Protection Act of 2014

As of July 1st, Florida’s data breach law will have some teeth!  The Florida Information Protection Act of 2014 was just recently signed by Governor Rick Scott and goes into effect July 1st.  Florida’s new law makes it one of the most strict out there, don’t worry California you still hold the crown, and broadens […]

Read full story Comments { 0 }

The Evolving Role of the CISO

The world is changing. The threats are changing. The technology is changing. It makes sense that our roles, our titles and our responsibilities are changing as well and information security officers are no different. “Twenty years ago, when businesses began hiring CISOs, business advantage derived from working with data within the organization. Data lived primarily […]

Read full story Comments { 0 }

Data Breach Fallout

The CEO of Target has stepped down in the aftermath of the huge data breach that hit the retailer last year.  Although not a huge surprise considering how big the breach was, to see such a high profile resignation is a reminder that these incidents have significant business consequences “Target on Monday announced that Steinhafel, […]

Read full story Comments { 0 }

Pencils Down, Hear Come the HIPAA Audits

As HHS begins its’ HIPAA audits this fall, experts have stressed the importance of good documentation.  These “desk audits” are the second generation of HIPAA audits and are expected to be narrower in focus.  The last round of HIPAA audits performed by KPMG set the stage for this years audits. “Common problems from the pilot […]

Read full story Comments { 0 }