A Q&A with Michael Sabo of DB Networks
Every month there seems to be some major company that suffers a catastrophic breach of their network, and the investigation very often confirms that the bad guys exploited a SQL issue. Yet SQL injections have been the method of choice for hackers for more than a decade. To find out why networks are still vulnerable and what companies can be doing to better protect themselves from this risk exposure, I spoke to Michael Sabo, VP of marketing for DB Networks, which creates behavioral analysis technology solutions.
A Q&A with Taiye Lambo of CloudeAssurance – an eFortresses Company
With the cloud becoming a daily reality for most businesses, security risks are greater than ever before. Yet many companies are not even aware of their vulnerability, says Taiye Lambo of CloudeAssurance. I asked him what they could be doing to bolster data safety and securely within the cloud.
A Q&A with Rob Chiang of Navigant Consulting
When a company loses valuable R&D data during a breach incident, that loss or value must be calculated for financial and legal purposes. I asked Rob Chiang, leader of the Intellectual Property valuation practice at Navigant Consulting, about the valuation process, and how he determines the value of lost data.
A Q&A with Marshall Harrison of Imperium
With the passage of the Children’s Online Privacy Act (COPPA) businesses are scrambling to find effective ways of staying compliant with the regulation. I talked to Marshall Harrison, founder and CEO of Imperium, about the law’s implications and his new product ChildGuardOnline, an FTC-approved parental consent verification solution.
A Q&A with Steve Visser, Managing Director at Navigant Consulting
Many types of data security incidents can require a forensic investigation to uncover the depth of the breach and how it occurred, and this process is more efficient when an organization has anticipated what’s involved. I talked to Steve Visser—national leader of Navigant Consulting’s information security incident investigation and response practice—about what risk managers can do to prepare for a successful forensic investigation.
A Q&A with Michael Tanji of Kyrus
The introduction of CryptoLocker “ransomware” poses a new security threat to organizations—in fact, one of our customers was recently hit with this hostage-taking nuisance. To get a better sense of what CryptoLocker does and how it can be stopped before any damage is done, I spoke with Michael Tanji of Kyrus.
A Q&A with Ronald Raether of Faruki Ireland and Cox P.L.L.
Having written privacy and security policies and procedures in place is critical for organizations in an era when data breaches are an inevitable reality, which is why data security-focused law firm Faruki Ireland & Cox has created policy templates for clients. These templates are now available in the eRisk Hub® and I spoke to attorney Ronald Raether about how they should be used.
A Q&A with Jack Walsh of ICSA Labs
With the proliferation of mobile devices, businesses from all sectors are now offering apps for consumer and employee use. However, data insecurity, the potential for lost personal information and a lack of developer experience pose a major liability for companies providing mobile apps. I talked to Jack Walsh, mobility programs manager of ICSA Labs, about the major security and privacy issues connected to mobile apps.
A Q&A with Jay Edelson of Edelson LLC
With court attitudes around privacy issues constantly evolving, it can be a challenge to understand what constitutes a significant data breach case and the consequences liable organizations face. I asked counsel Jay Edelson about how he chooses his class action cases and how the current legal climate is treating them.