Auditing the Data Hiding in Plain Sight

A Q&A with Chris Pillay of Meridian Technologies

An often-overlooked risk in cyber security is software development and testing, which is often done in house in large companies. To test software, engineers utilize either scrubbed data and where the process of scrubbing personally identifiable information is too complex, costly or time-consuming, live data is used, posing serious security and privacy risks. I learned more about this issue by talking to Chris Pillay, CEO of Meridian Technologies.

Continue Reading

Blockchain and Cyber Risk

A Q&A with Scott Diamond of Chicago Crypto Network, LLC

Blockchain is an emerging technology with the potential to greatly reduce cyber risk and ensure data integrity. To find out more about how it works and why organizations can benefit from rethinking their business processes, I talked to Scott Diamond of Chicago Crypto Network.

Continue Reading

Public Entities and Cyber Security

A Q&A with David Lineman, Information Shield

Public entities are equally at risk for data loss incidents as organizations in the private sector, yet PEs are often far less prepared to handle these events. I spoke to David Lineman, president of Information Shield, about how PEs can strengthen their cyber security posture.

Continue Reading

Hybrid Active Directories: Another Frontier for Data Breaches

A Q&A with Quest

More organizations are adopting Microsoft’s cloud-based Azure Active Directory (AD) but maintaining on premises AD deployments to support legacy systems or applications without internet access. We call this a hybrid Active Directory deployment.  Hybrid ADs may pose a security risk if not managed properly. Unexpected changes to the AD environment, such as changes in user privilege, multiple logins in rapid succession, and logins from unusual locations often provide the first indication of an external or internally initiated breach. We spoke to Keri Farrell, Brad Kirby and Matthew Vinton from Quest about this particular concern for organizations and how they can shore up security measures to avoid data loss.

Continue Reading

Law Firms and Data Breaches: Sensitive Data and Dangerous Practices

A Q&A with Jay Edelson of Edelson PC

Hacking incidents at law firms have led to major data breach events in recent months. Even as all law firms store and handle sensitive client data, many of the smaller organizations tend to lack robust cybersecurity policies and procedures. I spoke with attorney Jay Edelson of Edelson PC about the cases he is bringing on behalf of plaintiffs and what law firms should be doing to avoid or minimize these events.

Continue Reading

Forecasting the Impact of the GDPR

A Q&A with Hans Allnutt of DAC Beachcroft, LLP

Adopted in May, the sweeping General Data Protection Regulation (GPDR) replaces the E acheter viagra inde.U.’s long-outdated Directive 95/46/EC. The privacy regulation, which takes effect after a two-year transition period, calls for steeper sanctions and fines for violations. To find out more about what its adoption will mean for risk managers, I spoke with Hans Allnutt of DAC Beachcroft, LLP.

Continue Reading

Delving Into California’s Data Security Report

CaliforniaA Q&A with Tanya Forsheit of BakerHostetler

In February California Attorney General Kamala Harris released her state’s data breach report and outlined “reasonable” security measures that companies should employ to avoid enforcement actions. I talked to litigator Tanya Forsheit about the AG’s recommendations and how companies should address them.

Continue Reading

No more posts.