My Fascination with Amazon Go

My Fascination with Amazon Go

Amazon Go Recently, Amazon unveiled the world’s first completely self-service, no checkout, grocery store — and it’s really captured the public’s imagination. Lines have stretched around the block to try the new, “no-line” experience. It’s the new topic of water cooler, coffee shop, and morning t.v. conversation. And
How the Cloud Has Changed the Construction Industry

How the Cloud Has Changed the Construction Industry

Cloud Construction Industry Cloud and remote computing have transformed the modern world in many ways. One may not expect so, but the technology has even taken hold in completely unrelated industries — construction and development is a great example. Why It’s so Helpful What makes
Secure Business Agility

Why Information Security Need to be Empowered to Manage Data Breaches

Manage Data Breaches

2017 saw over 2 dozen major security breaches in 2017.  While the public may have grown numb to the number and constant stream of data breaches reported, outrage has been building around the delays in accompanying disclosures of those breaches and questionable actions that have occurred in between when a data breach has occurred and when it’s been reported.  Those questionable actions have included company executives selling stock and paying hackers a ransom.  Sometimes data breaches have also been reported by independent bloggers before the businesses officially reported them as was the case with both Target and Nieman Marcus.  And, despite the delayed reporting of many data breaches, businesses have still needed to update the public on a bigger than initially reported scope of breach.

Manage Data Breaches

A breach investigation can typically take weeks or even months before most businesses feel they know enough to disclose. In the past, businesses have typically concerned themselves with fixing the security vulnerability or issue from which the breach arose and then worrying about reporting.  Previously, regulation in Europe and in the United States with its patchwork of state laws gave companies leeway on times to report, with only a handful of states requiring notice within 45 days, and even then, with some exceptions.

Shifts in Regulatory Landscape around Data Breaches

A measure was recently introduced in the United States Congress that could impose new criminal penalties on anyone convicted of “intentionally and willfully” concealing a data breach, including fines and up to five years imprisonment, or both. The much-hyped General Data Protection Regulation (GDPR) that was enforced on May 25 specifies that the supervisory authority must be notified of a breach within 72 hours of its discovery and failure to do so could carry hefty consequences of up to up to 4% of annual global turnover or €20 Million.

Empowering Security Teams to Become Collaborative Across the Organization

As the regulatory landscape becomes more complex, security teams will have to step up as will company executives. It will require businesses to have much more than a plan in place and to be able to assemble what has occurred with immediacy if they are to disclose quickly and without incurring other areas of liability.  Businesses need to have an automated way to obtain a “single source of truth” that draws feeds from security tools, social media and other company collaboration tools for a complete view of breach-related activity.

The picture that is emerging for security teams is that data breaches need to be elevated to a business level immediately and in a way that limits potential complications surrounding the breach.  Without tooling for collaborative and secured communications businesses will face enormous legal and regulatory challenges not to mention reputation and business continuity issues as they struggle to fulfill disclosure obligations.

By Evelyn de Souza

Evelyn de Souza

Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.

Technology Certification Courses

AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons Earlier this week, AWS S3 had to fight its way back to life in the ...
Back to the Future: 2018 Big Data and Data Science Prognostications

Back to the Future: 2018 Big Data and Data Science Prognostications

“We should study Science Fiction in order to understand what someday could become Science Fact.” – Dr. Who? Doc Brown? ...
Safeguarding Data Before Disaster Strikes

Safeguarding Data Before Disaster Strikes

Safeguarding Data  Online data backup is one of the best methods for businesses of all sizes to replicate their data ...
Part 1 - How Cloud Apps Are Making Businesses More (and Less) Secure

Part 1 – How Cloud Apps Are Making Businesses More (and Less) Secure

Cloud Apps Security Today, more than ever before, employees are working while on-the-go. The ease with which a worker can ...
5 Data Security Tips Small Businesses Should Mimic

5 Data Security Tips Small Businesses Should Mimic

Data Security Tips As more and more companies begin to switch to the cloud, cyber attacks need to be a ...