Securing the C Level: Getting, Keeping or Reclaiming that Executive Title ISBN-13: 978-1467968829 ISBN-10: 146796882X ISBN-eBook: 978-1-62112-227-2 Now on Amazon and other book store locations! In the news! PR NewsChannel Homepage CBS Marketwatch CBS Chicago Daily Herald – Suburban Chicago Business Insider WLS Chicago TV…
Are You Alert?
The world is full of information and it is becoming more transparent and more accessible to more people every day. This technological paradigm shift enables the individual and the organizational entities to discover more about another person or item of interest or even themselves. It becomes increasingly important to, where possible, control your digital spin.…
Uninsured – Underinsured Information Highway Motorists
On the information freeway, the vast majority of the population is driving ninety miles per hour (144 KPH) without insurance; this includes business entities as well. In the United States, as in many other countries, the law dictates that a person possess a minimum level of automobile insurance to protect the financial stability…
Weekly Digest for November 17th
mdpeters posted 9 items. Identity theft North Carolina Identity Theft Protection Act of 2005 Security Freeze Fraud North Carolina Identity Theft Protection Act of 2005 Personally identifiable information Credit card fraud North Carolina Identity Theft Protection Act of 2005 Identity theft mdpeters posted User:Olylia1949.
Shot Down in Flames! – That ROI for security or litigation is in jeopardy.
The Return on Investment, aka ROI, is an essential financial measurement for any business venture and one that must be positive, or at least neutral, in order to demonstrate the viability of the proposition being examined. There are certain essential business functions, however, that do not provide a return on your investment; and two…
Would you buy a car without seat belts?
Recent headlines said, “Network ransacked in huge brute-force attack” (Source: The Register) and “Hackers break SSL encryption used by millions of sites” (Source: Huffington Post), among many other security and privacy news items that fill the news outlets every time I look and listen. The problem is not some new phenomenon, but one that continues to…
FTC Proposes Significant Changes to the Online Collection of Information from Children rule
The Federal Trade Commission (“Commission”) released on September 15, 2011, its long-awaited proposed amendments to its rule implementing the Children’s Online Privacy Protection Act (“COPPA Rule”). They are accepting comments until November 28, 2011. The Commission is proposing modifications to the COPPA Rule in three key facets:
Easiest way to breach a bank? Just hold-em-mop!
On July 29, 2011, Massachusetts Attorney General Martha Coakley announced a $7,500 settlement with Belmont Savings Bank following a May 2011 data breach involving the names, Social Security numbers and account numbers of more than 13,000 Massachusetts residents. The bank has stated that it has no evidence of unauthorized access to or use of consumers’…
Expanding Security Breach Notification Requirements in California
A new amendment to California’s security breach notification law will raise the stakes for businesses required to give notice of a data security breach affecting California residents. California Senate Bill 24 (“SB 24”), signed by Governor Brown on August 31, 2011, imposes detailed new requirements for the content of security breach notices. Significantly, SB 24…
Geolocational Privacy and Surveillance Act – First Blush
The law does not lead, it follows. Our system is very reactive in nature. It tends to change, to no surprise of mine, as people generally do: as a direct result of negative events or influences. Smokers quit following the heart attack, and our legal system creates laws based upon past events. GPS technology has been around…
The PCI Challenge
It is frequently in the news. Reports have been written. Punitive and compensatory damages have been awarded. Companies around the globe have been challenged to find the resources required to comply with the Payment Card Industry Data Security Standard (PCI DSS). The prime PCI DSS objective is to protect cardholder data. The prime objective of…
Insecurity
If you think that absolute security exists, you would be absolutely incorrect. Speaking as a security practitioner who has been in the business for as long as there has been a security business, I’ll tell you with a straight face that no technology system exists that is completely secure or one hundred percent impenetrable. The…
Juris Doctor 135-143 of 161: The Geek Shall Inherit the Universe
Cyber-espionage and cyber-warfare pose the greatest threat to our society today. No longer are massive militarized forces with the most advanced weaponry the force to fear. The forces to be feared now are computer geeks. A single person or just a few cyber-savvy individuals working together as a team now possess the power to bring…
Dropbox? More Like Dropball!
A putative class action complaint was filed on June 22, 2011, in the United States District Court for the Northern District of California, alleging that the popular cloud-based storage provider Dropbox, Inc. failed to secure its users’ private data or to notify the vast majority of them about a recent data breach. According…
New PCI Data Security Standards for Cloud Compliance
The PCI Security Standards Council’s Virtualization Special Interest Group recently published its “Information Supplement: PCI DSS Virtualization Guidelines” (the “Guidelines”) to Version 2.0 of the PCI Data Security Standard (“PCI DSS”). The Guidelines provide context for the application of the PCI DSS to cloud and other virtual environments, and offer at least three critical reminders:
$7.2 million – cost of a data breach
The average organizational cost of a data breach increased to $7.2 million and cost companies an average of $214 per compromised record. What’s protecting you? Check out the CrossView Security playbook http://bit.ly/m3qnWD #CMO #retail
Juris Doctor 130-133 of 161
I’ve thoroughly enjoyed Cyberspace Law over the past three weeks exploring subject matter in ISP Liability for Speech, Anonymous Communications in Cyberspace, and Content Regulation in Cyberspace. A particular facet I have derived more amusement from than normal is concerned with the concept of anonymity. From a technical perspective, true anonymity does not actually exist.…
We Eat Our Own
Our reasonable expectation of privacy is an illusion similar to the “job security” myth perpetuated by so many workers. The power to control your identity, privacy and security has less and less to do with the individual and more to do with corporate honor or criminal intent, both of which sometimes have blurry demarcation. We…
Juris Doctor 121-126 of 161
I’ve mentioned before that this doctoral program I am nearing completion of is focused on cyberspace law in the federal and international law sectors. There are a few things about what I have learned that are hysterical from my particular perspective. First, these technology courses I am participating in are really almost…
Weapon of Mass Disruption (WMD)
Of all the attacks taking place on Web sites across the Internet today, and there have been some very high profile ones recently, SQL injection is making its mark as the cyber-criminal’s most effective weapon of mass disruption (WMD) into corporate data stores. In my opinion, this threat vector against the crown jewels is public…
What’s in a name?
Prior to April Fools’ Day, 2011, you probably had never heard of Epsilon Data Management, right? I’d wager, however, that this email marketing firm has heard of you. In excess of 250 million email account names were pirated from the marketing services firm, vaulting this to what may be the largest breach of personal information…
Juris Doctor 120 of 161 – AKA Beer Breach
I have a natural passion for keeping people safe and secure, as many of you know. I also have a real passion for technology law, which might be evidenced by the doctoral pursuit in law. I also follow the news looking for cases that have been adjudicated and what the verdict or in most cases,…
Weekly Digest for March 24th
mdpeters posted 4 items. HORSE – Holistic Operational Readiness Security Evaluation.:General disclaimer HORSE – Holistic Operational Readiness Security Evaluation.:Privacy policy Anti-cybersquatting Consumer Protection Act Anti-cybersquatting Consumer Protection Act mdpeters posted 3 items. Main Page Main Page HORSE – Holistic Operational Readiness Security Evaluation.:About mdpeters posted User:Ledelars.
Juris Doctor 118-119 of 161
While I was doing some research on consumer protections in my Cyberspace Law class, I encountered the following policy that is certainly on the horizon for consumer protections. You can find the original press release here: Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework, The Department of Commerce internet policy…