Data Breach

Subscribe to Data Breach via RSS

To effectively guard against an enemy of any kind it’s important to know your enemy. This strategy is just as effective when fighting an online battle to protect your company’s data.

Before you can effectively defend against cyberattacks, it is important to educate yourself on potential threats and how to handle them. We invite you to join us on September 7 for part two of the Columbus Cybersecurity Series featuring FBI agent David Fine returns. During this portion of the
Continue Reading Real-Life Attacks On Business & What You Can Do To Deter A Cybercriminal – Event September 7

Savvy in-house counsel and business owners termsoften ask are whether the insurers selling cyber policies actually pay claims or whether the policyholders are just buying the right to later sue the insurers for coverage.  The initial wave of cyber insurance litigation involved policyholders trying to obtain coverage for data breaches under their standard commercial general liability policies.  This produced mixed results with some courts finding coverage, while others did not.  The next wave of cyber insurance litigation involved policyholders asserting
Continue Reading Cyber Insurance: Travelers Required to Defend Healthcare Records Storage Company From Class Actions

The new DoD cybersecurity regulations require contractors to implement the security requirements specified by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations,” not later than Dec. 31, 2017. DFARS, 252.204-7008(c)(1).

However, a contractor may propose to vary from the NIST SP 800-171 requirements under two circumstances. Under DFARS 252.204-7008(c)(2), a contractor may propose to vary from the security requirements specified by NIST SP 800-171 through a
Continue Reading Will the New DoD Cybersecurity Regulations Cause a New Wave of Protest Disputes?

Indiana law does not grant consumers the right to sue Anthem or any other data base owner for negligence following a data breach, according to the federal judge presiding over the Anthem data breach multi-district litigation.  Order, In re Anthem, Inc. Data Breach Litig., No. 15-MD-2617 (N.D. Cal. Feb. 14, 2016).

Instead, Indiana law grants consumers only the right to be notified of the data breach without unreasonable delay.  Indiana Code § 24-4.9-3-1.  If notice is not properly given,
Continue Reading Data Breach Victims Have No Legal Remedies Under Indiana Law

The U.S. Department of Defense published its Network Penetration Reporting and Cloud Computing Services regulations as an interim rule in August 2015 and updated them in December 2015.  Watch this new webinar replay at your convenience to learn about the regulations, how they may impact your business, and the concerns of industry groups. Click HERE to watch the webinar in its entirety.

 
Continue Reading Webinar Replay Now Available on the New Defense Department Cybersecurity Rules

Cyber Buyer's GuideYou need cyber insurance to protect your organization from the potentially-devastating financial harm that often follows a data breach, and to protect your brand and guard your reputation. Cyber insurance can help your organization survive a breach and pay the cost to notify customers of the breach and offer them credit monitoring services, defend your organization from class action lawsuits by customers, banks / credit card companies, and shareholders, and defend government investigations and enforcement proceedings. There are no standard-form
Continue Reading Cyber Insurance Buyer’s Guide

data privacyThe terms data privacy and data security are sometimes swapped back and forth as though they mean the same thing. They don’t, though they are tightly interlocked.

One way to consider how they’re different is to think of data privacy as the who and what of confidential information that must be kept safe and data security as the how, the means for keeping it safe.

Put another way, data privacy focuses on the individual whose private information is at
Continue Reading Privacy vs. Security

bankThe Federal Financial Institutions Examination Council (FFIED) warned financial institutions of the increasing frequency and severity of cyber attacks involving extortion resulting from ransomeware, denial of service attacks, and theft of sensitive business and customer information to extort payment and other concessions from victims.

The FFIEC recommends that financial institutions develop and implement programs to ensure that the institutions are able to identify, protect, detect, respond to, and recover from these types of attacks, including:

  • Conducting ongoing information security risk


Continue Reading Financial Institutions Warned of Increased Cyber Attacks Involving Extortion

cloud-computing-magnifiDemand for cloud computing is mounting swiftly, with double-digit annual growth rates expected through 2018.

Use of a remote, shared computer network to store, manage and process data can save time and money by eliminating the need for a local data center and an IT team to run it. Whether on a smart phone, a laptop or a desktop computer, cloud computing gives users immediate access to data anywhere there is an Internet connection.

Gartner, one of the world’s foremost
Continue Reading Privacy in the Cloud: Protecting Yourself

web appsThe Web hosts a vast array of applications, many of them critical for business operations, from office suites such as Google Docs, to email, calculators, spread sheets and data storage.

Nearly all mobile applications connect to the cloud, storing private business information, user names, passwords and other sensitive content. Employees tie into the Web with mobile device apps such as Google Maps, LinkedIn and Wink, which allows users to see from afar who is ringing the home doorbell or lets
Continue Reading Top Five Privacy Risks in Web Applications