Case Study: Enhancing Endpoint Security

Data Breach Today

Because it's inevitable that some attackers will get around defenses, Kettering Health Network added an extra layer of endpoint security to help mitigate the risks posed by ransomware and other cyberthreats, says Michael Berry, director of information security.

Case Study: How IU Health Manages Vendor Security Risk

Data Breach Today

What are some of the most important aspects in managing vendor security risk when taking on third-parties to handle sensitive data? Mitch Parker, CISO of Indiana University Health, explains the critical steps his organization is taking in its approach to vendor risk

Risk 116

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The Data Breach Case Study & Protection Guide

Record Nations

What Happened Even the tiniest serious gap can pose serious risks. The post The Data Breach Case Study & Protection Guide appeared first on Record Nations. Even the tiniest security gap can lead to a data breach. After a $5.5 million settlement, Nationwide Insurance’s breach serves as just one example of the growing number of data breaches each year—making it all the more important you have protections in place.

Webinar: Case Studies on Information Governance in Microsoft 365 | 1:00pm ET on April 2, 2020

IG Guru

The post Webinar: Case Studies on Information Governance in Microsoft 365 | 1:00pm ET on April 2, 2020 appeared first on IG GURU. Breach Business Email IG News Information Governance information privacy MER Microsoft Privacy Record Retention Records Management Risk News Sponsored Webinar Atle Skejekkeland Exchange John Isaza OneDrive Sapient TeamsPresented by John Isaza, Esq.,

“Pin Down” Your Trade Secrets So the Court Can “Do Its Job” A Case Study via JD Supra

IG Guru

The post “Pin Down” Your Trade Secrets So the Court Can “Do Its Job” A Case Study via JD Supra appeared first on IG GURU. Compliance IG News Records Management Risk News Calendar Research LLC v. Although four categories of trade secrets had been identified—(1) virality capabilities (2) user interface/experience (“UI/UX”) (3) venue focus and (4) integration of third-party apps—the plaintiff had not identified any trade secrets with “sufficient specificity.”.

IT 43

eRecords 2018: “A Case Study in Data Mapping – Are You Ready for a New Norm?”

The Texas Record

Privacy – Confidential Information; Risk; PCI; PII. Before taking on this project, apply the lessons learned from KPMG case study so you do not encounter the same issues that slowed them down. Due to the complexity of information in its various forms, your local government offices and state agencies may need to create a records management data map, showing the location of the records within your organization.

Bringing Control to Information in a Cloud-First, Office 365 World: New IGI Case Study

IGI

We recently launched our new series of case studies about how professionals like you are tackling IG. In the first Snapshot we looked at how privacy compliance and IG work hand-in-hand to reduce risk and increase information value. You can read this use case and others here. IG Snapshots are compact case studies drawn from IGI’sinterviews and discussions with our community of IG practitioners.

Risk 20

Vital documents: How one biopharma company protected theirs against water damage

TAB OnRecord

Download our case study for a complete list of solutions » 1.0 Manage risk Physical filing Storage systems Case Study filing systems mobile shelving records management SprinklersMost companies have a plan in place to protect their vital documents in the event of a fire. But what if the same devices used to protect against fire, caused significant damage? The Challenge A large biopharmaceutical company was faced with this very [.] Read More.

Today We are Launching a new Series of Information Governance Case Studies

IGI

We are pleased to bring the IGI community another series of case studies about how professionals like you are tackling IG. IG Snapshots are compact case studies drawn from IGI’s interviews and discussions with our community of IG practitioners. IG has a significant impact on legal and reputational risk as well as corporate and competitive strategy.

Download Our Newest Comprehensive Case Study on Les Schwab

IGI

This case study reveals a typical but complex IG problem: managing the relationships among key IG players, incl uding: Outside law firms that play a central role in approving, blocking, and/or advising on key IG decisions (like information retention and preservation). Risk-focused departments like legal and audit that own key IG decisions. Click here to access the case study in the IGI Community.

This is the old ChiefTech blog.: Case Study: Success at Ernst & Young's Center for Business Knowledge

ChiefTech

Sunday, 20 May 2007 Case Study: Success at Ernst & Young's Center for Business Knowledge I wrote this case study, Online Collaboration Tools, Knowledge Managers, and a Cooperative Culture , in 2003 while working at Ernst & Young in Sydney, Australia, as the Ernst & Young Online Program Manager for Asia. This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009.

Paper 44

Partner in the news: Freedom of the Press Foundation archives online journalism at risk

Archive-It

Archive-It Partner News Case Studies PressBy Karl-Rainer Blumenthal. It’s comforting to know that with the help of Freedom of Press and Archive-It, the internet never forgets. So ends a thorough report by Wired ’s Louise Matsakis on the news that the Freedom of the Press Foundation would work with Archive-It to archive the websites of alternative news outlets before new owners can change or remove their contents.

How (not) to schedule electronic messages: a case study/cautionary tale

The Schedule

This is a case where “better to ask forgiveness than permission” definitely does not apply. The text archiving plan presented at that December committee meeting, to me, risked committing some of the same mistake. Welcome to RIM Month! I have been promising/threatening my fellow Steering Committee members to write this post for a while now. My ability to write it, however, has been significantly impacted by the extent to which I have been absolutely BIFFING the process.

Archiving the Web @EBRPL: Creating and following a web collecting policy in a public library

Archive-It

By waiting for permission, the risk increases that sites will be updated or taken down, and it was impossible to expect the one archivist conducting all web archiving activities to also contact and interact with potentially hundreds of creators.

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

Related: Atrium Health breach highlights third-party risks. Mike Jordan, senior director of the Shared Assessments Program, a Santa Fe, NM-based intel-sharing and training consortium focused on third-party risks, points out that at least one of the banks that had data exposed in this latest huge data leak wasn’t even a customer of the allegedly culpable contractor. Third-party cyber risks are likely to persist at the current scale for a while longer.

Risk 120

How Information Sharing Helped Curtail WannaCry Harm

Data Breach Today

The latest ISMG Security Reports leads with a top DHS cybersecurity leader, Jeanette Manfra, providing a case study on how information sharing helped mitigate the WannaCry attack in the U.S. Also, the SEC mulls toughening its cyber risk reporting requirements

Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials

Elie

In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. Drawing upon Google as a case study, we find 7–25% of exposed passwords match a victim’s Google account. Beyond these risk metrics, we delve into the global reach of the miscreants involved in credential theft and the blackhat tools they rely on.

This is the old ChiefTech blog.: Another Web 2.0 service model risk blown away - Google and Postini

ChiefTech

service model risk blown away - Google and Postini I noticed in this case study about a law firms decision to pick Google Apps for email and collaboration over Microsoft Exchange or IBM Lotus Domino , that they mention Google has acquired a company called Postini (actually back last year ). This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009.

MER 2019 – CALL FOR PRESENTERS

IG Guru

We are looking for presentations on solutions to the IG challenges created by new and emerging technologies, the latest legal and regulatory developments that affect IG programs and professionals, practical advice and guidance on traditional IG challenges, and relevant case studies […].

FOIA 52

This is the old ChiefTech blog.: An interview with Barney Twinkletoes from Santa about Enterprise Web 2.0

ChiefTech

and a number of interesting case studies have appeared. I can tell you, it was pretty exciting but at the same time we felt it was a do or die situation where we had to come up with some really useful ideas that wouldnt risk our core operations. This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009.

This is the old ChiefTech blog.: Is the term "wiki" no longer useful?

ChiefTech

However, its well worth reading Ray Simss analysis of these slides and also another wiki case study, Avenue A | Razorfish. I particularly concur with his comment about " overloading of wiki risks making the term no longer useful as descriptor of an editable web page, but rather confused as a general descriptor for an enterprise 2.0 This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009.

Essential guidance to prevent business continuity disasters

IT Governance

A range of internal and external risks could negatively impact your organisation and interfere with the normal running of your business. It is critical that your organisation understands and effectively prepares for these risks to ensure its survival. Business continuity is a form of risk management that deals with the risk of business activities or processes being interrupted by external factors.

CIPL Releases Report on Effective Data Privacy Accountability

Hunton Privacy

The Report also includes 46 case studies from 17 participating organizations from different sectors, geographies and sizes – including two SMEs and a university. Accountable organizations proactively manage privacy risks to individuals and adopt a risk-based approach to their data privacy management program. Centre for Information Policy Leadership Information Security Uncategorized Accountability Bojana Bellamy Risk-Based Approach

Centre Discusses the Risk-Based Approach to Privacy and APEC-EU Interoperability at IAPP Brussels

Hunton Privacy

At the International Association of Privacy Professionals’ (“IAPP’s”) recent Europe Data Protection Congress in Brussels, the Centre for Information Policy Leadership at Hunton & Williams (the “Centre”) led two panels on the risk-based approach to privacy as a tool for implementing existing privacy principles more effectively and on codes of conduct as a means for creating interoperability between different privacy regimes.

Opening the House Foreign Affairs Committee web archive

Archive-It

When congressional transitions of power happen, born-digital political history is especially at risk. Case Studiesby Mark G. Bilby, Senior Assistant Librarian, California State University, Fullerton. Videos of 2013-2019 House Foreign Affairs Committee (HFAC) hearings unavailable from C-SPAN are now available for public viewing from a new web archive curated by California State University, Fullerton.

New Webinar: The latest IG Insights from Practitioners in the Trenches

IGI

We are pleased to share with you a webinar examining our new series of five case studies about how professionals like you are tackling IG. IG Snapshots are compact case studies drawn from IGI’s interviews and discussions with our community of IG practitioners. IG has a significant impact on legal and reputational risk as well as corporate and competitive strategy.

Risk 20

[Podcast] Transforming How Mortgage Insurance Applications Are Processed

AIIM

Automation can help banks lower loan processing costs, shorten cycle times, unlock visibility, and lower compliance risk. On this episode of the AIIM on Air Podcast , Kevin Craine explores an interesting case study about how Zia Consulting helped a large U.S. There may be no other industry that could benefit more from automation than the mortgage banking industry.

More Companies Are Investing in IG to Drive Business Value-Find out How in Our New Snapshot

IGI

Our just-published IG case study tells a powerful story about how IG is driving into organizations that are not traditionally thought of as “regulated” nor driven by risk. You can read this use case and others here. IG Snapshots are compact case studies drawn from IGI’s interviews and discussions with our community of IG practitioners. IG has a significant impact on legal and reputational risk as well as corporate and competitive strategy.

Risk 20

Think Analytics for IG Is a Future Technology? Think Again: The Future Is Here.

IGI

Content analytics is a way forward, as our case study makes clear. You can find this use case and others here. IG Snapshots are compact case studies drawn from IGI’s interviews and discussions with our community of IG practitioners. IG has a significant impact on legal and reputational risk as well as corporate and competitive strategy.

Risk 20

In-Person Event: A Perfect Storm? Panel Discussion on Handling a Cybersecurity Incident

HL Chronicle of Data Protection

Through an interactive case study, the panel will examine the key challenges that companies face before, during, and after a cybersecurity attack, including cybersecurity preparedness, incident response, notification requirements, and litigation and regulatory enforcement risk. Peter Marta. Arwen Handley. Philip Parish. Nicola Fulford.

Risk 43

Career Choice Tip: Cybercrime is Mostly Boring

Krebs on Security

“The message put out there is that cybercrime is lucrative and exciting, when for most of the people involved it’s absolutely not the case.”

Malicious PDF Analysis

Security Affairs

” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the file was not malicious. The team needed evidence to prove the risk involved in the file. In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?”

Estimating the Cost of Internet Insecurity

Schneier on Security

Studies are all over the map. A methodical study by RAND is the best work I've seen at trying to put a number on this. The results are, well, all over the map: " Estimating the Global Cost of Cyber Risk: Methodology and Examples ": Abstract : There is marked variability from study to study in the estimated direct and systemic costs of cyber incidents, which is further complicated by the considerable variation in cyber risk in different countries and industry sectors.

Risk 64

Q&A: The troubling implications of normalizing encryption backdoors — for government use

The Last Watchdog

They assert that the risk of encryption backdoors ultimately being used by criminals, or worse than that, by a dictator to support a totalitarian regime, far outweighs any incremental security benefits. In this case it’s an encryption key. Is someone’s life at risk? Venafi: Cambridge Analytica is just an amazing case study of what can happen when machines can actually pull all this information together, and the massive power of that.

Singapore Updates Its Model Artificial Intelligence Governance Framework

Data Protection Report

The Model Framework provides guidance on the following four key governance areas: Internal governance structure and measures: adapting existing or setting up internal governance structures and measures to incorporate values, risks, and responsibilities relating to algorithmic decision-making, which includes delineating clear roles and responsibilities for AI governance within an organisation, processes and procedures to manage risks, and staff training. The Compendium of Use Cases.

How to become an ISO 27001 lead implementer

IT Governance

You’ll be given a combination of theoretical study and hands-on work, including group discussions, practical exercises and case studies. If you have some knowledge of ISO 27001 and want to further your career, you should consider becoming an ISO 27001 lead implementer.

Risk 61

Destroying Barriers to Destruction

InfoGoTo

While there’s a case to be made that more destruction is occurring because of new business demands, I’m not confident that much will have changed in the intervening two years since the last survey. A CEO of a global tech company recently told me that it’s his mission to define the minimum amount of data his business requires for ML and AI in order to contain costs and reduce exposure of data to privacy and security risk.

What Can We Learn About the IG Profession from the ARMA InfoCon 2020 Taxonomy

ARMA International

Since a taxonomy is a reflection of what it organizes, in this case we’re reflecting our profession. Dark data : There is a case to be made that this should have been added last year, but we deferred then, and have added it this year.

ROT 59

Successful Information Governance when the Bosses Just Don't Care

AIIM

Risk and Compliance - In the age of GDPR , where every week brings another data breach, organizations have a duty to their customers to safeguard information, especially personal data, and to be able to demonstrate their effective handling of information. In all cases, case studies and stories can really help make the case. This will help the organization achieve its objectives while reducing its risks, and that's a story senior management will want to hear.

Book reviews: a call to arms for open licensing

CILIP

Nearly all the case studies in the second half of the book are UK-based and most deal with digitisation projects; the two exceptions are the accounts from the British Library (open metadata) and the University of Edinburgh (open educational resources). Interestingly, many of the case studies reported similar challenges, for example concerns about the impact on commercial opportunities or the difficulties in selecting the most suitable CC licence.