Data Protection Report

MARCH 21, 2024

Our readers may recall that HHS had originally issued the Bulletin in December of 2002, which we summarized here. HHS’ changes are generally clarifications and additional examples. This post will focus on the changes to the original guidance. like a standard analytics cookie).

Analytics 45

Analytics Privacy Compliance Marketing 45

Collibra

MAY 16, 2022

Consider the examples from our peer industries: Operational Risk. Cyber Security. The SEC mandates this stating firms cannot be in a “ position of auditing their own work” (SOX 2002). . Observability partners well with correction, but merging inspection and action often leads to further complications.

Risk 91

Risk Government Financial Services Access 91

IBM Big Data Hub

FEBRUARY 8, 2024

This helped normalize the practice of ESG reporting and by 2002, 245 companies had responded to the 35 investors who asked for climate disclosures. Some prominent examples include the Principles for Responsible Investment (PRI), the Climate Disclosure Standards Board (CDSB) and the Sustainability Accounting Standards Board (SASB).

Government 86

Government IT Risk Security 86

AIIM

OCTOBER 30, 2017

Finally, automated scan workflows can define the document destination for example, a third party repository, an on-premise shared folder or line of business application. For example, the workflow may prompt the user to select from a menu the type of document which becomes part of the filename along with the date the scan is made.

e-Delivery 89

e-Delivery File names Compliance ECM 89

The Last Watchdog

MAY 2, 2019

I often see a sizable gap between perceptions and reality among many SMB leaders,” Troy Gill a senior security analyst at AppRiver told me. I had the chance at RSA 2019 to discuss the SMB security landscape at length with Gill. They don’t know what they don’t know, and this lack of preparedness often aids and abets cybercriminals.”

Risk 182

Risk Cybersecurity Passwords Ransomware 182

Adam Shostack

APRIL 14, 2021

Microsoft has been trying to get folks to apply critical security patches to address a problem that’s being actively exploited. For example, see our Timing the Application of Security Patches for Optimal Uptime , Usenix Lisa 2002). (For The two stories are intimately related to people not wanting to roll patches.

Government 49

Government Security IT 49

Data Matters

MARCH 21, 2022

Congress has passed a significant new cybersecurity law that will require critical infrastructure entities to report material cybersecurity incidents and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 and 24 hours, respectively. 651, et seq. a supply chain compromise.

Ransomware 97

Ransomware Cybersecurity Agriculture Communications 97

The Last Watchdog

JUNE 7, 2023

Back in 2002, when I was a reporter at USA Today , I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system. Related: A call to regulate facial recognition This was an early example of multifactor authentication (MFA). I’ll keep watch and keep reporting.

Cloud 188

Cloud Security Authentication Encryption 188

Hunton Privacy

JULY 1, 2013

For example, international data transfers outside of Croatia are only allowed when an adequate level of protection of personal data is ensured (unless a derogation applies). In 2003, Croatia adopted the Act on Personal Data Protection (the “Act”), which it subsequently amended in 2006, 2008 and 2011.

Personal data 40

Personal data IT Compliance Communications 40

Hunton Privacy

MARCH 28, 2014

The Opinion goes beyond considering the notification obligations contained in the e-Privacy Directive 2002/58/EC , which requires telecommunications service providers to notify the competent national authority of all data breaches. The European Parliament recently formally adopted the compromise text of the Proposed Regulation.

Data breaches 40

Data breaches Personal data Privacy Encryption 40

CILIP

DECEMBER 9, 2019

As with our information and knowledge Learning Providers, these degrees have been judged against the Professional Knowledge and Skills Base tool (PKSB) and demonstrate the breadth of experience and attributes required for a skilled information professional in the security sector? Ross Harris, Information & Cyber Programme Director said ?

Military 40

Military Education Libraries Government 40

Hunton Privacy

JANUARY 17, 2011

On January 14, 2011, the European Network and Information Security Agency (“ENISA”), which was created to enhance information security within the European Union, published a report entitled “ Data breach notifications in the EU ” (the “Report”).

Data breaches 40

Data breaches Information Security Security Privacy 40

Schneier on Security

MARCH 13, 2019

In security and privacy, the devil is always in the details -- and Zuckerberg's post provides none. For example, it could allow users to turn off individually targeted news and advertising. Better security for collected user data. Facebook has a large and skilled product security team that says some of the right things.

Privacy 86

Privacy Encryption Access Metadata 86

Hunton Privacy

DECEMBER 2, 2014

of the e-Privacy Directive 2002/58/EC (as amended by Directive 2009/136/EC) to device fingerprinting. It also provides practical guidance by providing six example scenarios, and indicating in each example whether the processing is exempt from the consent requirement. Adapting the user interface to the device.

Privacy 40

Privacy Analytics Communications Access 40

ARMA International

SEPTEMBER 22, 2021

For example, once a health record has met the regulatory requirements, the record can be anonymized and kept for years for such purposes as medical research and predictive analytics. See Table 1 listing some common examples of the “art of the possible. See Table 2 for a few examples.

Digital transformation 52

Digital transformation Content services IT e-Discovery 52

eDiscovery Daily

MARCH 13, 2019

The Enron emails were originally in Lotus Notes databases, so the PSTs created aren’t a perfect rendition of what they might look like if they originated in Outlook (for example, there are a lot of internal Exchange addresses vs. SMTP email addresses), but it still has been a really useful good sized collection for demo and test data.

Data Privacy 52

Data Privacy Education Privacy IT 52

Data Matters

APRIL 20, 2020

Following the Supreme Court’s judgment, if an employee commits a statutory or common law tort for personal reasons (for example, as part of a personal vendetta) and not in circumstances closely connected to the ordinary course of their employment, the employer is unlikely to be vicariously liable for his or her conduct. 2 [2002] UKHL 48.

Data breaches 68

Data breaches GDPR Privacy IT 68

Hunton Privacy

DECEMBER 16, 2011

of the revised e-Privacy Directive 2002/58/EC (the “cookie clause”). The Working Party gives the following examples of cookies that would not require informed consent: A secure login session cookie, which identifies a user from the moment he/she has logged-into his/her session.

Privacy 40

Privacy Compliance Communications Security 40

eSecurity Planet

JUNE 17, 2021

Naturally, database vendors are leading providers of database security tools, and a growing number of cloud-based database providers are moving deeper into the data security space. Security is paramount. Starting our list of the top database security vendors is the multinational cloud computing company, Alibaba Cloud.

Security 106

Security Cloud Encryption Computer and Electronics 106

Hunton Privacy

MAY 19, 2011

According to the Working Party, the EU E-Privacy Directive 2002/58/EC (“e-Privacy Directive”) is only relevant to geolocation data processing by telecommunications operators. The Working Party also encourages the creation of online platforms that provide users with secure access to their data.

Personal data 40

Personal data Privacy Access Compliance 40

eDiscovery Daily

FEBRUARY 19, 2018

CloudNine has developed a “4S” focus on speed, simplicity, security, and services. For example, you can filter out any emails with domains from @ espn.com or @nytimes.com since sports scores and news headlines are probably not going to be relevant to your matter. CloudNine has been around since 2002 headquartered in Houston, Texas.

Computer and Electronics 34

Computer and Electronics Metadata Analytics Cloud 34

ChiefTech

SEPTEMBER 17, 2012

However, they had no intention of implementing any kind of sophisticated security or access control system. Some called it knowledge management, but in 2002 Clay Shirky - more correctly - defined it as 'social software'. Facebook was launched at in 2004 , attracting its first 1,200 users in the first 24 hours of its existence.

Cloud 89

Cloud Computer and Electronics Communications Paper 89

Thales Cloud Protection & Licensing

SEPTEMBER 26, 2019

For example, a standard SSL certificate is 2~4 KB and the typical depth of the chains of certificates is around 3~4. 8,9]) combines signature and encryption in a secure way, providing efficient joint authentication and encryption. Suppose a user Alice works at Thales e-Security in Cambridge. This type of scheme (e.g., [8,9])

e-Delivery 91

e-Delivery Encryption Authentication Government 91

Schneier on Security

FEBRUARY 28, 2024

One possible solution, touted by former Department of Homeland Security Secretary Michael Chertoff on a recent podcast , would be for the federal government to step in and help pay for these sorts of attacks by providing a cyber insurance backstop. 11, 2001, terrorist attacks. Future attacks are not likely to receive the same determination.

Insurance 94

Insurance Government Cybersecurity Risk 94

Data Protection Report

JUNE 29, 2018

Similar to GDPR, the law does contain some exceptions, including: information necessary to complete transactions; detect security breaches; protect against illegal activity; or to enable internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.

Privacy 40

Privacy GDPR Personal data Risk 40

Data Protection Report

JUNE 29, 2018

Similar to GDPR, the law does contain some exceptions, including: information necessary to complete transactions; detect security breaches; protect against illegal activity; or to enable internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.

Privacy 40

Privacy GDPR Personal data Risk 40

ChiefTech

SEPTEMBER 17, 2012

However, they had no intention of implementing any kind of sophisticated security or access control system. Some called it knowledge management, but in 2002 Clay Shirky - more correctly - defined it as 'social software'. Facebook was launched at in 2004 , attracting its first 1,200 users in the first 24 hours of its existence.

Cloud 40

Cloud Computer and Electronics Communications Paper 40

IBM Big Data Hub

FEBRUARY 6, 2024

Internet companies like Amazon led the charge with the introduction of Amazon Web Services (AWS) in 2002, which offered businesses cloud-based storage and computing services, and the launch of Elastic Compute Cloud (EC2) in 2006, which allowed users to rent virtual computers to run their own applications.

Cloud 109

Cloud Digital transformation e-Delivery Compliance 109

ForAllSecure

MAY 27, 2021

If you’re struggling to understand how to get your application security testing program off the ground, you wouldn’t be the first. The cyber security market has found that this principle is applicable in software security risk management as well. Find comfort in knowing that this is a common struggle. Known to Other.

Risk 52

Risk Libraries Marketing Security 52

ForAllSecure

MAY 27, 2021

If you’re struggling to understand how to get your application security testing program off the ground, you wouldn’t be the first. The cyber security market has found that this principle is applicable in software security risk management as well. Find comfort in knowing that this is a common struggle. Known to Other.

Risk 52

Risk Libraries Marketing Security 52

Adam Shostack

SEPTEMBER 10, 2019

Capture the Flag Events (CTFs) and electronic Sports (eSports) are good examples of a relatively new trend. Fast forward to 2019, permanent venues and bars are now dedicated to the phenomena, with some great examples such as the eSports Arena in Las Vegas and Meltdown , an international franchise of eSports bars. Spoiler alert!

Computer and Electronics 45

Computer and Electronics Education IT Security 45

ForAllSecure

JANUARY 22, 2023

Having a common framework around vulnerabilities, around threats , helps us understand the information security landscape better. Literally, how the rebellion fighting the Empire has echoes in how we approach and mitigate information security threats. He’s the author of the acclaimed Threat Modeling: Designing for Security.

Cloud 40

Cloud Security IT Authentication 40

ForAllSecure

MAY 26, 2022

The US Justice Department says it will no longer prosecute good-faith security researchers, but what constitutes good-faith security research? It will no longer prosecute good-faith security research that would have otherwise violated the Computer Fraud and Abuse Act (CFAA). Is hacking a crime? Who is responsible?

IT 52

IT Security Marketing Privacy 52

ForAllSecure

MAY 2, 2023

That, of course, was not all, but it is an example of how someone -- anyone on the internet -- can take a photo or blog post or Yelp review from social media, or some other seemingly random open source item and tie it back to a crime. VAMOSI: Here’s former US Attorney General John Ashcroft in 2002. Daniel provides an example.

IT 40

IT Sales Security Honeypots 40

Scary Beasts Security

MARCH 29, 2017

Side notes: box.com security and response I had a sufficiently unusual experience talking to Box that it's worth a few dedicated notes. All I have is some language that says everything is fine and that the security posture was improved, without saying if my reports were accurate or rejected. plane is not validated.

Communications 25

Communications IT Security 25