RadarFirst Blog

What Is Your Incident Readiness IQ?

They say that nothing in life is certain but death and taxes. In the business world, there is another certainty: privacy and security incidents involving sensitive customer data. Verizon’s 2016 Data Breach Investigations Report covers more than 64,000 incidents, and in BakerHostetler's 2016 Data Security Incident Response Report, the law firm points out that incidents affect all industries.

Read more

Trends in Data Breach Notification Law: Content, Format, Font Size, and More

Today we continue our weekly blog series focused on 2016 trends in data breach notification law. Click below to catch up on previous installments:

Read more

Trends in Data Breach Notification Law: Timely Notifications

Today we’re continuing our series of data breach notification law trends. If you missed the first part of the series, check out our discussion of the biggest trend in 2016, as well as our post focused on the expanding scope of personal information.

Read more

Everyday Events, Inevitable Incidents, and Data Breach Disasters

The Four Categories of Data Occurrences

In today’s threat-filled world, sensitive customer information is constantly at risk for exposure. Cyber attacks, ransomware, spear phishing, malware, system & process failure, employee negligence, lost or stolen devicesthe list of dangers goes on.

Read more

Trends in Data Breach Notification Law: Getting Personal (Information)

At any given time, the RADAR regulatory team is busy monitoring, tracking, and preparing for proposed and pending changes to data breach notification law.

As a RADAR product manager specializing in regulatory content, I have a front row view of the work that goes into ensuring RADAR is kept up-to-date with the latest advances in data breach notification law. As part of that work, the regulatory team has identified a number of trends that we expect to continue through 2016. Last week we covered an overarching trend towards increased stringency and specificity.

This week, we will dive a bit deeper into one aspect of this increased stringency as it relates to personal information and incident assessment.

Read more

Navigating the Breach Regulatory Maze: Proper Incident Risk Assessment and Response

This article originally published on ISACA Now, April 2016. Click here to read the article on ISACA Now. 

Read more

RADAR® Wins Two Prestigious Awards

RADAR Team Wins Gold for Product Development, Management Team of the Year; RADAR, Incident Response Management Platform, Wins Bronze for Innovation in Compliance by Info Security 2016 Global Excellence Awards

Read more

Information Security: It takes an Ecosystem

This article originally published in KM World Magazine, March 2016. Click here to read the full article.

Read more

Montana and Connecticut Amend Data Breach Notification Statutes

In a continued trend of states extending their data breach laws to better protect residents, Montana and Connecticut passed legislation earlier this year that went into effect October 1, 2015. Both Montana’s H.B. 74 and Connecticut’s S.B. 949 increase the stringency of data breach notification obligations for businesses that own, license, or maintain computerized data that includes personally identifiable information (PII). Montana and Connecticut are two of the most recent states to pass or modify such legislation (see recent changes in Wyoming as well), which to date extends to nearly all U.S. states and territories.

Read more

2015: The Year of Incident Response

A new cyber-risk handbook from the National Association of Corporate Directors states the case bluntly: “If a sophisticated attacker targets a company’s systems, they will almost certainly [be breached].”[1] For the last decade and more, privacy and security professionals have focused on preventing data breaches. Yet the most massive breaches in history have happened within the last year, despite millions invested in information security. The reason is simple: there is great economic value to cyber-criminals, foreign governments, and other organizations in stealing information. According to some estimates, between  $9 trillion and $21 trillion of global economic value could be at risk from cyber attacks. Teams of cyber-attackers are using increasingly sophisticated tactics to deploy malware and mount multi-stage attacks that search for security holes until they find a way in.

Read more