Social media cubesIt seems like we hear about a new data breach every week. Thanks to one of the most recent breaches, you could be only ten dollars away from getting in touch with your favorite A-list celebrity. Instagram — the Facebook-owned photo sharing company — was recently hacked due to a flaw in the program. Most recent reports indicate up to six million Instagram users’ email addresses and phone numbers may have been made public due to the data breach.

While the breach initially appeared to affect only celebrities and verified accounts, it has now been shown to affect a much wider range of accounts.

Continue Reading Instagram Hacked: What to Do to Protect Yourself in an Age of Data Breaches

data securityYou are an entrepreneur. You have great ideas. Those ideas are going to change your industry. In most cases, to accomplish those goals, you are going to need help from others. How do you protect your intellectual property and data? You need to focus on protecting those assets in the contracting process.

Most developing companies rely on third party service providers. As an entrepreneur, you will likely rely on hosting and cloud solutions. While we advise that you consider business considerations first, you should also consider legal issues relating to data privacy and security issues. You cannot achieve 100% security for your assets, but there are many ways to protect yourself. You should also consider obtaining cyber-liability insurance for your company and you should ask your service providers whether they have it.

Continue Reading Protecting Your Data and Intellectual Property

Data computerData security breaches are impacting long-standing and start-up corporations, as well as public and private entities. No one is immune from these threats and understanding the prevalence is the first step in best preventing this from impacting your organization.

Continue Reading Gone Phishing: Data Security Breaches Affect Start-Ups and School Districts Alike

Shanghai ChinaThe newly passed Cybersecurity Law of the People’s Republic of China will take effect in June 2017, and it is expected to have a significant impact on multinationals doing business in mainland China. The law affects both domestic and foreign companies operating on the Chinese mainland and covers a wide range of activities including the use of the internet, information and communications technologies, personal data, national security and more.

The difficulties with determining the steps needed to comply with such sweeping changes are only complicated by the fact that a large number of key terms in the law have yet to be clearly defined. As a result, China’s new Cybersecurity Law will continue to evolve as the national government interprets it.

Here are some key provisions to follow in the coming months.

Continue Reading Costs and Unanswered Questions of China’s New Cybersecurity Regime

spinningPlatesiStock_000011904878_LargeIt’s a dangerous world for protected information, with major breaches in the news and a challenging cyber-threat environment behind the scenes.  Cyber theft for competitive advantage, denial of service attacks, ransomware intrusions, and even state-sponsored espionage are real dangers, as are conventional breaches compromising individuals’ protected information.  State PII breach notification obligations loom large for customer and employee data.  For BtoC organizations, cardholder data can also be at risk.  And HIPAA/HITECH imposes its own breach response requirements for employers’ self-funded health plans.

Organizations must be prepared to respond to data breaches, but effective response is no small matter.  There are ten different channels of response activity for an organization that has suffered a security breach:  Security, Legal, Forensic, Law Enforcement, Regulators, Insurance Coverage, Public Relations, Stakeholders, Notification, and Personnel Management.  Most of these activities are involved in every breach, and all must be dealt with in significant breaches.  These activities are not sequential.  They play out in parallel, with interrelated effects … and with the response clock ticking.

Continue Reading The Ten Key Activities for Effective Data Breach Response – Are You Prepared?

Almost every day brings a new report of a significant cyber-security breach. National retailers, large financial institutions, and local entities large and small have been recent victims of cyber-hacking. Financial institutions, health care providers, and retailers are frequent targets of cyber warfare, but virtually every business is at risk. The St. Louis Business Journal’s Oct. 10-16, 2014, cover story, “Why no company is safe in the age of cyber warfare,” (Felt, Brian) reports the staggering costs in lost business and post-data breach losses associated with cyber attacks. According to a local cyber security expert quoted in the Business Journal, “executives should be operating under the assumption that they’ll soon be hacked if they haven’t been already.”

Continue Reading It Can Happen to Your Business – Don’t Let a Data Breach Catch You Unprepared