Is your company ready for 2014? Are your Written Information Security Programs, Risk Management Procedures and Data Incident Response Plans up-to-date, tested and up to today’s dynamic threat landscape? Are you sure? Officials at the U.S. Securities and Exchange Commission (“SEC”) recently announced plans to increase scrutiny of how assets managers at companies subject to […]
New Android App Warns When You Are Being Watched
With tens of thousands flocking to MetLife stadium tonight to watch the Super Bowl, most will have smartphones on hand. According to a Pew Research report, nearly 20% of smartphone users surveyed have attempted to disconnect access to geolocation information by their apps, and 70% have wished to know more about geolocation data collected by […]
FTC’s 50th Data Security Settlement Highlights Best Practices
The FTC’s recently announced “50th data security settlement,” with GMR Transcription Services, has been highlighted by the Commission as a “golden opportunity to check your [data security] practices.” We agree. The facts behind the settlement read like a veritable case study of what not to do and how companies get into hot water with regulators […]
IAPP Introduces All-New Mobile App Privacy Tool
In the past year, the Federal Trade Commission increased enforcement of mobile privacy policies and mobile apps, particularly those used by children as regulated by the Children’s Online Privacy Protection Act (“COPPA”). Regulators across the pond in the EU has likewise viewed mobile apps and mobile devices as posing significant privacy and data security concerns. Responding […]
2014 Cyber Security Outlook – Internet of Things, Bitcoin, Mobile Payments
The Multi-State Information Sharing & Analysis Center (MS-ISAC), a national non-profit under the aegis of the Center for Internet Security, is out with its 2014 Cyber Security Outlook (pdf available here). The brief highlights that MS-ISAC expect 2014 to highlight security concerns and info sec issues focused around: (1) The Internet of Things – MS-ISAC […]
The Advantages of Having Your Attorney Hire “consultants”
In any data breach/incident or, frankly, any other situation that could reasonably lead to litigation or generate a response that is in “anticipation of litigation or for trial” it’s important to remember the general rule (subject to various exceptions and circumstances) that having your in-house counsel (or The SmartedgeLaw Group or other law firm as […]
SmartedgeLaw Group Lectures at SHU on CyberSecurity
Rich Santalesa, will be lecturing at Sacred Heart University in Fairfield, CT on Jan. 13, 2014 as part of SHU’s newly launched Masters Degree in Cybersecurity program. The recently developed Masters program includes required courses on securing cloud initiatives, systems security, digital forensics, network security, cryptography and security management, as well as electives in vulnerability […]
FTC “Internet of Things” Workshop Explores Privacy Risks and Benefits
The Federal Trade Commission’s long awaited “Internet of Things” public workshop was held Nov. 19, 2013, and webcast live (with presentations, transcripts and videos to be archived for ready access at http://www.ftc.gov/video) to explore a wide range of potential privacy and security issues associated with Internet-connected devices everywhere – at home, work and in the car. […]
Survey: Medical ID Theft Now Fastest Growing Fraud
Medical and healthcare-related security and privacy concerns have been front page news in 2013, especially with recent launches of federal and state medical healthcare exchanges and changes stemming from the “HIPAA Omnibus Final Rule” enacted early this year that went into effect as of September 23rd. In a timely and notable report, the Ponemon Institute […]
Discussing the FTC’s Proposed Settlement with TRENDnet
Following up on Senior Counsel Rich Santalesa’s recent post on the FTC officially entering the “Internet of things” space by proposing a consent order settlement with TRENDnet, he spoke with Colin O’Keefe of LXBN TV on the subject. In the below concise video interview, he explains what TRENDnet did to draw the FTC’s ire and […]
FTC Enters “Internet of Things” Arena With TRENDnet Proposed Settlement
With predictions that by 2020 more than 30 billion devices will be wirelessly connected to the “Internet of Things” the issues for data security and privacy in an “all-connected, all-the-time” world are massive. And as the FTC continues to forge ahead in efforts to address mobile and other burgeoning security matters it recently entered the […]
Ponemon’s Cyber Insurance Study Finds Companies Neglecting Coverage
The challenges of managing corporate risk – whether through the growth of formal “GRC” (governance, risk management and compliance) programs or through contractual liability transfers – increase each year. However, a recent Ponemon Institute study, Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age, released Aug. 7, 2013 (available here: http://www.experian.com/managingcybersecurity)(the […]
The SmartedgeLaw Group Discusses “Privacy in a Social Age” in NYC
For those in the New York Tri-State Area, InfoLawGroup Senior Counsel, Richard Santalesa, will joining a panel of experts this Thursday evening, July 18th, at a meeting of the Social Media Club of NYC, to be held at the downtown offices of PR Newswire from 6:00pm to 8:30, with the panel discussion to start at […]
New Federal Guidance for BYOD Security Released
The National Institute of Standards and Technology (“NIST”) is at it again. This past Monday it released an update of its 2008-era special publication to reflect the tremendous growth of mobile devices since: Guidelines for Managing the Security of Mobile Devices in the Enterprise (SP 800-124r1))(the “Mobile Guidelines”). The Mobile Guidelines are designed to go […]
NIST to Launch Big Data Working Group
The National Institute of Standards and Technology (“NIST”), which we’ve written about at length in the past in connection with its ongoing data security and cloud computing related work, announced the formation of a Big Data Working Group today, with a “kick off” conference call this Wed., June 19, from 1-3pm EDT. The group is […]
