RADAR Blog

Doug Kruger, Vice President of Business Development

GDPR - where are we now? A Year in Review

For the past year, the privacy and security world has kept a laser-like focus on the European Union’s General Data Protection Regulation (GDPR). And what a year it’s been. More than 59,000 personal data breaches were reported across Europe from the enforcement date of GDPR on May 25, 2018, to International Data Protection Day on January 28, 2019.

Read more

On Our Radar: April 12, 2019

My work with RADAR has afforded me the opportunity to attend a number of privacy events in the past few years. Just this week I had the pleasure of attending the American Bankers Association RIsk Management Conference in Austin. This event, which covered a wide range of risk concerns for banking professionals, surfaced many conversations about breach notification requirements and the challenges facing privacy professionals.

Read more

Evaluating Incident Response Solutions: Why a Fortune 150 Financial Company Selected RADAR

Privacy and security incidents that expose sensitive customer data happen all the time, and when they do, you have to act quickly and strategically. The right technology for managing your incident response process is crucial to protecting your customers and your organization against breach risks.

Read more

Beating the High Cost of Inefficient and Inconsistent Processes with Privacy Automation

As privacy grows in importance, so does the need for effective incident response management. Ideally, this includes consistent processes, well-established policies and procedures, collaboration across departments, and proof of compliance. The reality is often a lot different—and a lot more chaotic.

Read more

The One Challenge We’re all Too Familiar With: Lack of Budget For Incident Response

“There is only one amount of money—just not enough,” author Andrew Kaufman once wrote. Many departments in an organization feel the financial pinch, especially privacy teams, who face the challenge of completing herculean tasks on a small budget. Privacy budgets tend to be microscopic compared to those of security or IT/infosec teams. Thus, critical privacy activities such as incident response often get lower budgetary priority than new cybersecurity initiatives—and when that happens, the entire organization is at risk.

Read more

Hitting a Moving Target: The Challenge of Ever-Changing Breach Notification Laws

The only constant in life is change, and few things in the world of privacy and data protection are evolving as much as breach notification laws. These regulations are more stringent, specific, and numerous than ever before. The constant shifting of breach notification laws makes compliance not a one-and-done activity, but requires constant vigilance to keep abreast of changes.

Read more

Finding the "Hidden Picture": The Challenge of Incident Detection and Escalation

Constant threats to sensitive data lurk in every corner of your organization, from hard-to-detect malware to busy employees. Thus, you can bet with 100% certainty that your organization has had, is having, or will have a data privacy incident—numerous incidents in fact. Each incident must be risk assessed against the latest breach notification laws to determine if you have a notifiable breach on your hands.

Read more

Tackling the Top 4 Challenges of Managing Incident Response

Wherever data goes, risk follows close behind, particularly the risk of unauthorized access and disclosure—in other words, a data privacy or security incident. Whether they realize it or not, every organization regardless of size or industry has experienced and will experience their share of privacy incidents.

Read more

Too Much or Too Little? The Risks of Under- or Over-reporting Incidents

Data privacy and security incidents occur all the time; the 2018 Verizon Data Breach Investigations Report covers a mind-boggling 53,000-plus incidents. Incidents come in all shapes and sizes—electronic, paper, even verbal or visual. They can be as simple as an improperly mailed billing statement or as complex as a highly coordinated cyber-attack on millions of consumers’ financial records. Every single one of these incidents must be risk assessed to determine if they are breaches requiring notification. 

Read more

Scaling the Privacy Program: Technology Eases Change Management for Fortune 20 Company

The last year in the realm of privacy has been one of tremendous growth.

Read more

What Security Detects, Privacy Assesses: Making Breach Determination a Team Effort

Privacy and information security often live in their own silos, an impractical separation that puts both an organization and its customers at risk from a data breach. This risk occurs when a security incident—say, a malware attack that exposes customer information—is remediated without undergoing a proper risk assessment to determine if it is a reportable breach.

Read more

Closing the Loop on Incident Response: an Ecosystem of Solutions

Many types of software tools and services exist to help organizations manage their incident response process. These range from workflows offered by compliance platforms to an emerging class of purpose-built software that focuses on incident response. And each type of tool provides a unique contribution to the overall incident response process.

Read more

Decisions, Decisions...The Incident Response Process Illustrated

Responding to privacy and security events naturally brings up a whole host of questions. What happened? What technology, people or data elements were involved? Was regulated data exposed? How? What has been done to mitigate the security risk? What must be done to remain compliant with privacy laws?

Read more