The Internet of (Retail) Things: How mPOS Systems Make Buying Stuff High-Tech

The Internet of (Retail) Things: How mPOS Systems Make Buying Stuff High-Tech

mPOS Systems On The Rise Modern society is increasingly connected — and mobile. Those realities have also carried over to how people buy things, specifically, mobile point-of-service (mPOS). These devices let merchants and service providers simplify making and processing payments by carrying out those duties
Five Network and Security Trends You Can Expect this Year

Five Network and Security Trends You Can Expect this Year

Network and Security Trends As we came to the beginning of 2018, it can be useful to take a look at trends in networking and security that we may see in the coming year. This way, your organization can compare itself to the industry and

CONTRIBUTORS

Make Your Smart Device Even Smarter By Answering These 4 Questions

Make Your Smart Device Even Smarter By Answering These 4 Questions

Make Your Smart Device Even Smarter The Internet of Things (IoT) has reached the peak of its hype cycle for emerging technologies, ...
Determining the Economic Value of Data

Determining the Economic Value of Data

[Note: I have been trying to write this blog for several years.  But instead of trying to perfect the concept, perhaps ...
Three Tips To Simplify Governance, Risk and Compliance

Three Tips To Simplify Governance, Risk and Compliance

Governance, Risk and Compliance Businesses are under pressure to deliver against a backdrop of evolving regulations and security threats. In ...

RECENT NEWS

The New Industrial Revolution – According to the WSJ

The New Industrial Revolution – According to the WSJ

The insert in today’s US print edition of the Wall Street Journal is called The New Industrial Revolution. The paper updates ...
Amazon picks New York City, Virginia for $5 billion new headquarters

Amazon picks New York City, Virginia for $5 billion new headquarters

SAN FRANCISCO (Reuters) - Amazon.com Inc (AMZN.O) said on Tuesday it will build offices for up to 25,000 people in ...
Batteryless smart devices closer to reality

Batteryless smart devices closer to reality

Researchers at the University of Waterloo have taken a huge step towards making smart devices that do not use batteries ...
Pressure grows on Zuckerberg to attend Facebook committee hearing

Pressure grows on Zuckerberg to attend Facebook committee hearing

Australia, Argentina and Ireland join UK and Canada in urging Facebook CEO to give evidence to parliaments Parliamentary committees from ...
Alibaba's on-demand online services unit valued at $30 billion: sources

Alibaba’s on-demand online services unit valued at $30 billion: sources

HONG KONG (Reuters) - Alibaba Group’s newly formed on-demand online services unit has rocketed in value to as much as ...
Secure Business Agility

Why Information Security Need to be Empowered to Manage Data Breaches

Manage Data Breaches

2017 saw over 2 dozen major security breaches in 2017.  While the public may have grown numb to the number and constant stream of data breaches reported, outrage has been building around the delays in accompanying disclosures of those breaches and questionable actions that have occurred in between when a data breach has occurred and when it’s been reported.  Those questionable actions have included company executives selling stock and paying hackers a ransom.  Sometimes data breaches have also been reported by independent bloggers before the businesses officially reported them as was the case with both Target and Nieman Marcus.  And, despite the delayed reporting of many data breaches, businesses have still needed to update the public on a bigger than initially reported scope of breach.

Manage Data Breaches

A breach investigation can typically take weeks or even months before most businesses feel they know enough to disclose. In the past, businesses have typically concerned themselves with fixing the security vulnerability or issue from which the breach arose and then worrying about reporting.  Previously, regulation in Europe and in the United States with its patchwork of state laws gave companies leeway on times to report, with only a handful of states requiring notice within 45 days, and even then, with some exceptions.

Shifts in Regulatory Landscape around Data Breaches

A measure was recently introduced in the United States Congress that could impose new criminal penalties on anyone convicted of “intentionally and willfully” concealing a data breach, including fines and up to five years imprisonment, or both. The much-hyped General Data Protection Regulation (GDPR) that was enforced on May 25 specifies that the supervisory authority must be notified of a breach within 72 hours of its discovery and failure to do so could carry hefty consequences of up to up to 4% of annual global turnover or €20 Million.

Empowering Security Teams to Become Collaborative Across the Organization

As the regulatory landscape becomes more complex, security teams will have to step up as will company executives. It will require businesses to have much more than a plan in place and to be able to assemble what has occurred with immediacy if they are to disclose quickly and without incurring other areas of liability.  Businesses need to have an automated way to obtain a “single source of truth” that draws feeds from security tools, social media and other company collaboration tools for a complete view of breach-related activity.

The picture that is emerging for security teams is that data breaches need to be elevated to a business level immediately and in a way that limits potential complications surrounding the breach.  Without tooling for collaborative and secured communications businesses will face enormous legal and regulatory challenges not to mention reputation and business continuity issues as they struggle to fulfill disclosure obligations.

By Evelyn de Souza

Evelyn de Souza

Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.

Cloud Community Supporters

(ISC)²
Cisco
SAP
CA Technologies
Dropbox

Cloud community support comes from (paid) sponsorship or (no cost) collaborative network partnership initiatives.