blog

FEBRUARY 8, 2012 As a reminder, any business or entity that conducts business within California and collects and holds Personally Identifiable Information (PII) is now subject to Senate Bill 24, which amends the California breach notification law. This new bill aims to strengthen the state’s groundbreaking SB 1386 security breach notification law by mandating how and what content to include...

California Amends Data Breach Notification Law California has one of the toughest breach notification laws in the country.  Although it is strong on notification, the current law lacks direction on what information to include when issuing a data breach notification.  Senate Bill 24, which was signed by Governor Brown on August 31, 2011 and goes into effect January 1, 2012, amends SB 1386 to...

Are CIOs Making Isolated Decisions? Results of a recent survey by Financial Executives International (FEI) and Gartner posted on CIO states CIOs and IT teams are falling short of CFO expectations. CFOs, who appear to be having a greater influence over IT, don’t have the confidence that their own IT organization can muster the flexibility to respond to changing business priorities. As I read...

Don’t Trust Your Security to the Cloud – At Least Not Yet Companies that have launched their data into the cloud might be doing so at a greater cost than what they hope to save. The lure of IT cost savings provided by cloud computing becomes a strong incentive in this economy, but many organizations are overlooking security and privacy, and a breach could destroy the savings they intend to...

Nasdaq Breach – Another Warning to CEOs to Enhance Security Although there are some breaches companies can’t prepare for, this breach appears to be a case of lapsed security. The breached system at Nasdaq, so far, was tied to Directors Desk, a web-based service tool used by directors of companies, including board members, to share confidential documents.  One would think that if Nasdaq were...