data breach – Compliance Building

Data breach Sharing Framework

Doug Cornelius March 2, 2010March 2, 2010 Privacy [+]

With the Massachusetts Data Privacy Law now in place (and presumably you are in compliance with it), you need to think about what to do if you have an incident. Verizon has published the Verizon Incident Sharing Framework to help. Our goal for our customers, friends, and anyone responsible for incident response, is to be … Read more »

Data Breaches and Knowledge Management

Doug Cornelius March 2, 2010October 2, 2013 Knowledge Management, Privacy, Publish to KM Space [+]

One of the features of the new Massachusetts Data Privacy Law is that it forces some knowledge management on companies in the context of data breaches. Since the law required compliance on or before March 1, 2010, I assume you already have the policy and safeguards in place. That is, if you have social security … Read more »

2009 Data Breach Investigations Report

Doug Cornelius July 29, 2009February 26, 2013 Enterprise 2.0, Privacy [+]

285 Million records were compromised in 2008. The Verizon Business RISK Team conducted a study of first hand evidence collected during data breach investigations of 90 confirmed breaches as part of their caseload. This 2008 caseload of more than 285 million records, exceeded the combined total from 2004 to 2007. 2009 Data Breach Investigations Report … Read more »

Ten of the Most Embarrassing Data Breaches

Doug Cornelius July 28, 2009September 30, 2013 Privacy 7

I gathered some notable data breaches in preparation for my presentation on the Massachusetts Data Privacy Law as part of my webinar on Wednesday: Preparing for the strictest privacy law in the nation: MA Privacy Law 201 CMR 17. If you wondered why there are so many state laws on data breaches, just take a … Read more »

Quick Hits

Doug Cornelius April 18, 2009April 16, 2009 Compliance Bricks and Mortar [+]

Some quick hits on stories that interest me, but did not make it to a full post: SEC Posts XBRL Compliance Guide from The Filing Cabinet by Melissa Klein Aguilar The staff of the Securities and Exchange Commission has posted a “small entity compliance guide” on its rules that require companies to submit financial statements … Read more »

Data Breach Costs $202 per Customer Record

Doug Cornelius February 9, 2009March 3, 2009 Privacy 3

PGP Corporation and Ponemon Institute issued their fourth annual U.S. Cost of a Data Breach Study. The study examined 43 organizations across 17 different industry sectors with a range of 4,200 to 113,000 records that were affected. According to the report, data breach incidents cost U.S. companies $202 per compromised customer record in 2008, compared … Read more »