Category Archives: Business concerns

Subscribe to Business concerns RSS Feed

Energy Regulators Respond to Increasing Cyber Threats to the Grid

As anyone who even casually watches the nightly news can tell you, breaches of customer and corporate data can cause serious financial, legal, and reputational harm to a company. But, for energy companies that own and operate physical assets that comprise the nation’s power grid, understanding and complying with the federal government’s complex and constantly … Continue Reading

FTC Confirmed as Data Privacy and Security Sheriff: Court Holds That FTC Can Regulate Company’s Data Practices

On August 24, 2015, the Third Circuit released a long-awaited decision, holding that the Federal Trade Commission (“FTC”) does have authority to regulate data privacy and security practices which fail to protect consumer data. The decision could impact many companies and other organizations which hold consumer data, by increasing the risk if they fail to adequately … Continue Reading

PCI Council Retires Old Data Security Standard

Earlier this year, the PCI Security Standards Council published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. While a majority of the revisions in this updated version are minor updates and clarifications, we highlight a few of the more significant changes in this blog post. PCI DSS Version 3.1 addresses vulnerabilities within … Continue Reading

New Cybersecurity Assessment Tool

The Federal Financial Institutions Examination Council recently published its Cybersecurity Assessment Tool (Assessment) to help financial institutions identify cybersecurity risks and determine the institution’s preparedness through a repeatable and measurable process over time. We share it with our data privacy audience because its value is not limited to financial institutions. It is a thoughtful, structured … Continue Reading

VCs considering data when evaluating funding targets

With major data breaches seemingly in the news every day, venture capitalists are increasingly considering data issues as they evaluate potential investments. Gone is the era when data privacy concerns were not a priority for VCs, according to a recent post in The Privacy Advisor by Sam Pfeifle. The post noted venture capitalist Andreessen Horowitz’s … Continue Reading

FTC issues guidance for those responsible for company data security

The Federal Trade Commission recently outlined what companies should expect if they’re the subject of an investigation involving data security – and one item in particular stood out to us. The entire piece, posted on the FTC’s Business Blog last month, is vital reading for anyone responsible for data security. But here’s the part that … Continue Reading

Despite what shows up on paper, cyber attacks still pose a substantial financial threat

Data breaches can be devastating to any business. Whether it’s a high profile attack on a large public company or a smaller scale breach on a private organization, the fallout of this growing threat has rightfully put cyber security at the top of most companies’ lists of priorities. So it was surprising to read a … Continue Reading

Responding to Shareholder Inquiries re Cybersecurity Oversight

Oversight of a company’s risk management programs is one of the chief responsibilities of the board of directors, and for many companies cybersecurity risks rank among the key areas for scrutiny.  It’s little surprise, therefore, that some institutional investors are reportedly sending detailed questionnaires to directors of public companies seeking extensive information about the company’s … Continue Reading

EU’s new data protection law is likely to impact all companies doing business in Europe

Headlines have been popping up lately around Europe’s latest proposed rules to address data privacy. While the focus of the media seems to be mostly on how it’s bad news for big tech companies such as Google and Facebook—which will likely have even more complicated data privacy waters to navigate in Europe—there is likely a … Continue Reading

Putting a plan into place to protect your company — Part 3

If this bubble graph, produced by Information is Beautiful, says anything, it’s that the risk and occurrences of data breaches shows no signs of slowing down. Even the largest, most respected companies have fallen victim to hackers. Already in 2015, the country’s second-largest health insurer, Anthem, experienced a breach of about 80 million of its … Continue Reading

Officers, boards maintain roles in protecting companies — Part 2

On Jan. 28, we celebrated Data Privacy Day (DPD)—an international effort centered on “Respecting Privacy, Safeguarding Date and Enabling Trust.” And it’s in the spirit of DPD that we continue the discussion around executives and boards of director alike prioritizing cyber-security within their companies. During our recent event, “Counseling Your Board of Directors and Officers … Continue Reading

Officers and boards have key roles in protecting companies — Part 1

To say that data privacy and concern over cyber breaches is important for any company functioning within the global economy is an understatement. For years IT departments have been working hard to keep their companies’ data safe, and, until recently, that responsibility was primarily theirs and theirs alone. But in this new world of “big … Continue Reading

Despite reported drop in breaches — threat is greater than ever

Earlier this month, IBM released a report indicating cyber-attacks during the 2014 holiday shopping season were down dramatically. Headlines like “Number of cyber-attacks on retailers drop by half” and “IBM: Cyber Attacks, Victims Drop in 2014” on Jan. 5, when IBM released its report, offer hope — giving the impression that we may have turned … Continue Reading

Children’s online privacy rights must be considered by companies

The Topps Company— the maker of Ring Pops—may have been just trying to have a little marketing fun. But a recent contest the company sponsored in 2014 around its jewel-shaped ring candy has caused a ruckus among several children’s rights advocacy groups and is at the root of a complaint recently filed with the Federal … Continue Reading

What companies face involving cloud computing and data security

Here is an excerpt from an article that ran in Digital Guardian in late 2014. The entire article can be found here. Digital Guardian asked 27 cloud computing and data security experts, including Jessica Franken, to answer questions on cybersecurity and cloud computing. Jessica was asked: When it comes to cloud computing and data security, … Continue Reading

Holiday season underscores the growing concern of data security

Ahh, the holidays! A time for giving, a time for sharing, a time for family and a time to worry about data security. While every company is at risk of experiencing a data breach, retailers in particular are in the line of fire. During the holidays, retailers—both online and brick-and-mortar—are busier than any other time … Continue Reading

Recent decisions indicate regulators more involved in privacy issues

In recent months, two federal regulating agencies have delivered decisions in which they unexpectedly took a broad interpretation of the law as it pertains to privacy—leaving some legal experts wondering if this is a sign of the times. In September, the Federal Trade Commission (FTC) told corporate executives that they may be held personally liable … Continue Reading

EEOC suit against Honeywell could have far reaching ramifications

When the Equal Employment Opportunity Commission (EEOC) sued Honeywell Inc. in October over the company’s wellness program, it had many legal experts scratching their heads. The wellness plan Honeywell offers to its employees is pretty typical of most plans offered within corporate America. But according to the EEOC’s suit, filed in a Minneapolis court on … Continue Reading

High value of personal data attracts more sophisticated hackers

Since the beginning of 2014, the press has released almost daily news of companies that have experienced significant data breaches. Although retail companies tend to garner the most press, retailers aren’t the only targets. Other companies, such as social media sites, are falling victim as well. In those cases, hackers have successfully obtained thousands of … Continue Reading
LexBlog