The Securities and Exchange Commission (SEC) has been making cybersecurity a priority in 2015. In February, the SEC released observations of its first round of cybersecurity examinations of broker-dealers and advisors, which assessed cybersecurity preparedness. The SEC has just announced its second round of examinations, which promises to focus on the assessment of how well procedures and controls have been implemented. The second round of examinations will focus on:
Absolute today announced it has entered into an agreement with Aava Mobile Oy, a leading European mobile device manufacturer, to incorporate our Persistence technology into Aava Mobile devices.
While many businesses are making great strides in protecting themselves against data breaches, all this hard work can be undone when a breach occurs. It’s impossible to guard against everything, so it is important to know exactly what to do once a breach happens. Post-data breach, time matters. Delays can have disastrous consequences.
The FTC held its first “Start with Security” conference earlier this month, designed to help organizations implement effective data security strategies. This supply on educational resources comes soon after the Third Circuit re-affirmed the FTC’s authority to regulate data security standards of commercial entities. With the FTC’s authority now on firmer ground, it could be that we see the FTC step up more strongly with data security enforcement.
Last week, we discussed how global data regulations can impact businesses of all sizes, as outlined by Jonathan Armstrong, technology lawyer for Cordery and data regulation advisor at Absolute. Expanding on that discussion, Jonathan has put together a video, alongside fellow Cordery lawyer Gayle McFarlane, outlining some additional shifts in the global data regulation landscape.
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced a new HIPAA settlement with a small health care provider, which re-enforces the importance of securing electronic health information (ePHI) on the endpoint.
When talking about the healthcare industry, we tend to lump all sectors together. While the data security regulations do not differentiate between subsections in the healthcare industry, there are different risks, challenges, and levels of preparedness amongst the sectors. According to new research out of Crown Records Management, the pharmaceutical sector is woefully under-prepared for current and future data security challenges.
We are more than half way into 2015, with enough time now to assess the impact data breaches have had on organizations this year. The reports so far indicate a growth in targeted attacks, and continued attacks on the healthcare industry.