RadarFirst Blog

Mahmood Sher-Jan, CHCP, CEO and Founder

CEO, RADAR

Find me on:

Evaluate Your Privacy Incident Response Program: Introducing New Quarterly Benchmarking Metrics

If you’ve ever participated in an organized sport, you’re likely well aware of the importance of context when it comes to evaluating your performance as a player. Say, for example, I play soccer every weekend (which I do). Let’s imagine I’m arguably the best defender on my team - or even across all the recreational players involved (it’s fun to pretend). I might start feeling pretty good about myself, and how I perform on the pitch. Now imagine I’m suddenly pulled into an MLS game, playing against professionals in the field. I might be a good player on a limited bench - on weekends, playing against other amateur enthusiasts, but in a larger scale I cannot rank or make the cut.

Read more

Incident response ROI: Benchmarking data to secure budget, prove value

Around the office the last few months, we’ve taken to referencing a famous quote by Arthur Nielsen:  “the price of light is less than the cost of darkness.”

Read more

On Our Radar: September 27, 2019

This week has really been one for the books. 

Read more

How long should it take to risk score and reach a notification decision for a privacy incident?

If you’ve been in the privacy world for any amount of time, you recognize there has been a marked increase in the speed at which our world operates. New threats to our data are introduced every day. With the expanding scope of what constitutes protected and sensitive data, the number of privacy cases we must manage at any given time is increasing.

Read more

USAA Receives the Inaugural Kevin Padrick Privacy Excellence Award at RADAR User Summit

If you’re a privacy professional, Portland in August is the place to be. Earlier this month, our team had the pleasure of hosting privacy and legal professionals from domestic and global companies obligated to consumer data protection obligations at our 2nd annual RADAR User Summit.

Read more

Benchmarking Data and CCPA: Data Points to the Risk of Over-Reporting Under Emerging Regulations

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by RADAR. Read the original article on the IAPP Privacy Advisor.

Read more

Creating a Unified Framework for Global Incident Response

This week marks a milestone in the accelerated growth of RADAR as we open the doors to our new and expansive headquarters in downtown Portland, Oregon. This office move - though only a few blocks down the road from our former office - is a signifier of the growth our organization has gone through over the last few years, which kicked into hyper growth since becoming a part of the Vista Equity Partners’ portfolio. From the initial spark of an idea in 2009 that would develop into RADAR and ultimately becoming an independent well funded company in 2016, to the investment from Vista Equity Partners in November 2018, the product and company have seen tremendous advancements. Our commitment to innovation and our mission to establish the industry standard for a unified, global incident response management platform means that we aren’t slowing down any time soon.

Read more

Faster Time to Privacy Incident Decision: How to Accelerate Breach Notification Timeframes

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by RADAR. Read the original article on the IAPP Privacy Advisor.

Read more

Global Impacts of the GDPR - One Year Later

Preparing for the GDPR was a herculean effort for many. Now here we are, one year later, and the tide of GDPR fervor has ebbed, but not significantly receded – after all, achieving compliance is a marathon, not a sprint!

Read more

Benchmarking Data on the First Anniversary of the GDPR

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by RADAR. Read the original article on the IAPP Privacy Advisor.

Read more

On Our Radar: May 3, 2019

One of the biggest annual events in privacy, the IAPP Global Privacy Summit, is currently taking place in Washington D.C. If you’re in attendance, come find me at the RADAR booth (#107!) for conversations on all things privacy, incident response, and data breach regulations.

Read more

Benchmarking for GDPR: How often are organizations reporting data breaches to authorities and subjects?

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by RADAR. Read the original article on the IAPP Privacy Advisor.

Read more

Anatomy of a Privacy Incident: Webinar Q&A

The recent webinar Anatomy of A Privacy Incident: Data Breach Response and Investigation Best Practices dove into the best practices for designing an incident response program that encourages an organization-wide culture of compliance. Panelists Andrew Reeder from Rush University Medical Center and Asra Ali from Healthscape Advisors lead a lively discussion into the ins and outs of compliance programs, covering topics ranging from common presumptions and best practices for managing the phases of incident response within an organization. 

Anatomy of a Privacy Incident:  Data Breach Response and Investigation Best Practices  Request the webinar recording > Read more

How often do notification exceptions apply? We look to the data

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management brought to you by RADAR. Find earlier installments of this series here.

Read more

Are organizations meeting their notification obligations when timelines are specified?

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by RADAR, a provider of purpose-built decision-support software designed to guide users through a consistent, defensible process for incident management and risk assessment. Find earlier installments of this series here. 

Once an incident has been discovered, the clock starts ticking. Privacy officers and their teams must immediately investigate the incident, perform a multi-factor risk assessment according to all applicable jurisdictions to determine if the incident rises to the level of a data breach, and notify affected individuals, regulators, and authorities — often within a very short time frame. It can be a daunting task, compounded by the need to keep up with an ever-changing patchwork of data breach regulations, both enacted and proposed, each with their own unique requirements. 

Read more