[Category Archive]
Hiro Sugano: 2014年1月
[Category Archive]
[Divider]
2014年1月27日 14:51
Security breaches are expensive and harmful to an entities' reputation. It is
believed that the 2011 breach of Sony's Play Station network, when personal information of 77
million users was compromised, cost Sony $171 million and harmed its
reputation substantially. Target's costs could conceivably be more than this amount even though only 40 million people were impacted.
Security breaches also affect small to midsize entities. In 2011, hackers obtained customer credit card information (which was not encrypted) from the Briar Group that owns and operates about 10 restaurants in Massachusetts. Because of its failure to encrypt the information, the Briar Group paid $110,000 in penalty and agreed to implement certain procedures to safeguard personal information. Incidentally, the Briar Group was hacked again last October. Whether it is found to be responsible in anyway remains to be seen.
So, what should businesses know to protect themselves to the extent possible? First, you should know the security breach laws that apply. Second, you should fully understand the environment where you maintain your customers' data and which of your service providers has access to this environment. Third, you should work with your legal and IT team to implement policies and procedures to protect you as best as possible. In addition, you should protect yourself in contracts with third party service providers. Damage control in case of security breach should start today and not when there is a breach -- by then it is too late.
Security breaches also affect small to midsize entities. In 2011, hackers obtained customer credit card information (which was not encrypted) from the Briar Group that owns and operates about 10 restaurants in Massachusetts. Because of its failure to encrypt the information, the Briar Group paid $110,000 in penalty and agreed to implement certain procedures to safeguard personal information. Incidentally, the Briar Group was hacked again last October. Whether it is found to be responsible in anyway remains to be seen.
So, what should businesses know to protect themselves to the extent possible? First, you should know the security breach laws that apply. Second, you should fully understand the environment where you maintain your customers' data and which of your service providers has access to this environment. Third, you should work with your legal and IT team to implement policies and procedures to protect you as best as possible. In addition, you should protect yourself in contracts with third party service providers. Damage control in case of security breach should start today and not when there is a breach -- by then it is too late.
[Divider]
投稿者:
Hiro Sugano
| カテゴリ: IT - Security Breach | 固定リンク
[Professionals]
[Professionals]
[Category]
[Category]
[Recent Entries]
[Recent Entries]
[Back Number]
- 2014年2月 (3)
- 2014年1月 (1)
- 2013年11月 (1)
- 2013年3月 (1)
- 2013年1月 (2)
- 2012年10月 (1)
- 2012年5月 (6)
- 2012年4月 (2)
- 2012年3月 (1)
- 2012年1月 (2)
- 2011年12月 (1)
- 2011年11月 (1)
- 2011年8月 (1)
- 2011年6月 (1)
- 2011年3月 (1)
- 2010年7月 (4)
- 2009年8月 (1)
- 2009年7月 (1)
- 2009年5月 (1)
- 2009年4月 (1)
- 2009年3月 (1)
- 2009年2月 (2)
- 2009年1月 (1)
- 2008年12月 (1)
- 2008年9月 (1)
[Back Number]