Upload File

data security alert

2
DATA SECURITY ALERT AUGUST 3, 2012 WHY YOU MAY HAVE SUFFERED A DATA BREACH AND NOT EVEN KNOW IT 90% of organizations have suffered a data breach, a 2011 survey found. 1 A more recent study revealed that at least one in five financial businesses do not know whether they have suffered a data breach in the past three years. 2 Why do so many data breaches go unidentified in the corporate world? One reason is that people equate data breaches with cyber attacks. While cyber attacks can result in a data breach, the far more common causes of data breaches are human error and common practices in the workplace that, until now, have not really been questioned. At a minimum, human behavior and corporate custom combine to make a company more susceptible to a cyber attack. A review of the data security literature and recent actions by the Federal Trade Commission provide good examples of how data breaches occur. With each example below, ask yourself what your organization is doing to protect itself against the risk: An employee loses a mobile device (phone, laptop, tablet, etc.) or removable media, like a thumb drive, containing unencrypted personal information, or such a device/media is stolen. An employee receives an email asking her to click on a link that appears to be legitimate but is actually a vector for malware that will infect the company’s IT systems. An employee sends mail (“snail” or email) containing unencrypted personal information that gets lost or is inadvertently sent to the wrong recipient. An employee installs software on his computer that inadvertently allows access by outsiders to company information. 1 Perceptions About Network Security, Ponemon Institute (Jun. 2011) 2 One in Five Financial Firms “Don’t Know” Whether They Have Suffered Data Breaches, MarketWatch (Jun. 2012). Shook, Hardy & Bacon understands companies face challenges securing information in an increasingly electronic world. SHB guides its clients through an ever-changing patchwork of data security and data privacy laws and regulations, and helps its clients manage risks associated with maintaining and using electronic information. For more information on SHB’s data security and data privacy services, please contact: Al Saikali (305) 960-6923 [email protected]

Upload: others

Post on 18-Mar-2022

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Data Security Alert

DATA SECURIT Y ALERT

AUGUST 3, 2012

W H Y Y O U M A Y H A V E S U F F E R E D A D A T A B R E A C H A N D N O T E V E N K N O W I T

90% of organizations have suffered a data breach, a 2011 survey found.1 A more recent study revealed that at least one in five financial businesses do not know whether they have suffered a data breach in the past three years.2

Why do so many data breaches go unidentified in the corporate world? One reason is that people equate data breaches with cyber attacks. While cyber attacks can result in a data breach, the far more common causes of data breaches are human error and common practices in the workplace that, until now, have not really been questioned. At a minimum, human behavior and corporate custom combine to make a company more susceptible to a cyber attack.

A review of the data security literature and recent actions by the Federal Trade Commission provide good examples of how data breaches occur. With each example below, ask yourself what your organization is doing to protect itself against the risk:

• An employee loses a mobile device (phone, laptop, tablet, etc.) or removable media, like a thumb drive, containing unencrypted personal information, or such a device/media is stolen.

• An employee receives an email asking her to click on a link that appears to be legitimate but is actually a vector for malware that will infect the company’s IT systems.

• An employee sends mail (“snail” or email) containing unencrypted personal information that gets lost or is inadvertently sent to the wrong recipient.

• An employee installs software on his computer that inadvertently allows access by outsiders to company information.

1 Perceptions About Network Security, Ponemon Institute (Jun. 2011)2 One in Five Financial Firms “Don’t Know” Whether They Have Suffered Data Breaches, MarketWatch (Jun. 2012).

Shook, Hardy & Bacon understands companies face challenges securing

information in an increasingly electronic world.

SHB guides its clients through an ever-changing patchwork of data

security and data privacy laws and regulations, and helps its clients

manage risks associated with maintaining and using electronic information.

For more information on SHB’s data security and data privacy services,

please contact:

Al Saikali (305) 960-6923

[email protected]

http://www.shb.com
mailto:asaikali%40shb.com%20?subject=SHB%27s%20Data%20Security%20Alert
Page 2: Data Security Alert

DATA SECURIT Y ALERT

AUGUST 3, 2012

2 |

• A company shares confidential, personal, or protected information with a third-party service provider who has implemented little or no security measures to protect the information.

• An employee does not dispose of a customer’s personal information in a secure manner when it is no longer needed.

• A company creates an unsecured WiFi hotspot for visitor access to its network, which makes the company’s network susceptible to hackers.

• An employee accesses unsecured or unknown WiFi hotspots while traveling.

• A company uses a photocopy machine that stores information long after the copying takes place.

• An employee uses simple passwords (like “password” or “12345”) and is never required to change it.

These are just some examples why companies are suffering data breaches. A common theme is that many of them seem like innocuous corporate custom, but in fact they pose significant liability and business risks to the company and its brand, particularly when the breach is discovered and notice is required by law.

The good news is that there are technical, administrative, and physical safe-guards a company can adopt that will help minimize these risks. Increasingly, state and federal laws, the Federal Trade Commission, and industry standards are requiring these safeguards. Any company that collects, maintains, or uses personal information of its customers, employees, or other individuals, would be well advised to learn more about the safeguards that can be tailored to the size and needs of their organization. What policies, procedures, and other safeguards does your organization have in place to protect itself?

For more information about these and other issues relating to data security law, visit Al’s blog at www.datasecuritylawjournal.com.

OFFICE LOCATIONS

Geneva, Switzerland +41-22-787-2000

Houston, Texas +1-713-227-8008

Irvine, California +1-949-475-1500

Kansas City, Missouri +1-816-474-6550

London, England +44-207-332-4500

Miami, Florida +1-305-358-5171

Philadelphia, Pennsylvania +1-215-278-2555

San Francisco, California +1-415-544-1900

Tampa, Florida +1-813-202-7100

Washington, D.C. +1-202-783-8400

http://www.shb.com
http://www.datasecuritylawjournal.com

SHIP SECURITY ALERT SYSTEM (SSAS) - Furuno · The IC-307 SSAS (Ship Security Alert System) Alert Unit connects to the Inmarsat-C MES FELCOM 15 or the Inmarsat Mini-C FELCOM 16 for

Big Data & Cyber Security. Agenda “ Stay Alert” Actionable Intelligence RealTime big DataProcessing 9 ways to buildconfidence in Big Data Big Data & Social

AIR SOVEREIGNTY ALERT: AMERICA’S SECURITY BLANKET · AIR SOVEREIGNTY ALERT: AMERICA’S SECURITY BLANKET BY LIEUTENANT COLONEL GORDON NIEBERGALL United States Air National Guard

ssas - · PDF fileTracking and Alert Messaging In addition to SOLAS security alert requirements, the BlueTraker SSAS device is capable of position data report transmissions for day-to-day

First Alert DWS-472 Video Security System Manual

CICS EXTERNAL SECURITY SYSTEM SECURITY … · ALERT/CICS. Subject Manual Installation The BIM-ALERT Installation and Operations Guide explains how to install and maintain BIM-ALERT/VSE

SHIP SECURITY ALERT SYSTEM (SSAS) USCG Version · PDF fileSHIP SECURITY ALERT SYSTEM (SSAS) USCG Version IC-307 OPERATOR'S MANUAL MODEL

NEW SECURITY THREATS AND OPPORTUNITIES ALERT: THE … · 2019-08-24 · Page 1 of 13 NEW SECURITY THREATS AND OPPORTUNITIES ALERT: THE OTHER SIDE OF THE SECURITY COIN MONTHLY ALERT,

Cybersecurity, Data Privacy & Information Management Alert: … cybersecurity, data privacy & information management alert: morrisons not liable for employee’s wrongful disclosure

JAVA- Data Streaming Alert Intrusion Detection

BIM-ALERT/CICS™ 5.1 Security Administrator's CICS Security Manager Security Administrator’s Guide Release 5.1 • BIM-ALERT/CICS™ facilities are easy to use, even for non-technical

The use of SOLAS ship security alert systems2020. 11. 1. · The use of SOLAS Ship Security Alert Systems . Exploring how Flag States manage ship security alerts, and the potential

Introduction to Security in the Cloud - Mark Brooks, Alert Logic

Big Data & Cloud Security on AWS with Alert Logic

Llinks Client Alert – Cybersecurity, Data & Privacy

Protecting Grids from Cross-Domain Attacks Using Security Alert

Flexible Web Visualization for Alert-Based Network Security Analytics

M4D4: a Logical Framework to Support Alert Correlation in ... · Key words: Intrusion Detection, Alert Correlation, Data Model 1 Introduction Managing and supervising security in

How to get rid of microsoft security essentials alert virus

Solving Alert Fatigue in Cyber Security

4gb SECURITY SYSTEM - First Alert · Thank you for choosing First Alert for your security needs! For more than half a century, First Alert has made the home-safety and security products

Protect your workplace: Cyber security measures to prevent ... · Protect your workplace: Cyber security measures to prevent a data breach April 2019 Stay Alert, Stay United and Stay

Promise, Progress, and Pitfalls in Big Data Analyses …...Data at Post -Alert & key data between Alert & Post -Alert 3-6 sec 4 sec Study data per ignition cycle: 1. Trip aggregated

Security Alert Systems May 21st, 2003 cs239-1 Martin Lukac

Integrigy Consulting Overview › files › IntegrigyConsultingOverview.pdf · Integrigy Published Security Alerts Security Alert Versions Security Vulnerabilities Critical Patch

OpSec Alert: CFO’s Top Secret Guide to Cyber Security

Logitech Alert Video Security System · Logitech Alert™ Video Security System comes with everything you need to help protect what’s important to you—smart cameras, powerful

Alert verification through alert correlation – an ... Holm - 2017 - Alert... · An intrusion detection systems (IDS) is a valuable security technology for practitioners that has

Alert logic cloud security report

4gb SECURITY SYSTEM - First Alert

Revision A McAfee Database Security 4.6 - Knowledge … McAfee Database Security 4.6.x Product Guide 7 Configure automatic alert archiving 130 Configure manual alert archiving 131

Client Alert Privacy, Data Security & Information Use ... · With Safe Harbor now “Invalid,” Companies Must Change Data Practices . By Rafi Azim-Khan, Mercedes K. Tunstall, Steven

Alert Logic: Realities of Security in the Cloud

· PDF fileSRS Alert Shock Alert Security Anti Theft Alert Moving Alert . DVR Introduction ... Support Video streaming Description MP4, 1-1.264 Support : 802.11 b/g/n/ac

First Alert Security System Manual