RadarFirst Blog

Can’t-Miss Sessions at IAPP Privacy. Security. Risk. 2017

Privacy and security teams are often painted as adversaries in compliance. While it’s true that privacy, security, and risk professionals often come from different backgrounds and interests, they are united in their shared pursuit of compliance and events like the IAPP Privacy. Security. Risk. 2017 illustrate the way these fields are converging.

Read more

Workflows and Checklists Can’t Match Automation in Privacy Incident Response

Performing a multi-factor risk assessment to determine whether an incident involving PII and/or PHI requires notification to regulatory bodies isn’t just a good practice for privacy programs–it’s a requirement for documenting and demonstrating compliance with data breach laws. Due to the misconception that any incident involving sensitive, regulated data is automatically a notifiable breach, it […]

Read more

Multi-Factor Authentication: Best Practice in Network Security and Privacy

Last month, Target reached a breach settlement of $18.5 Million in fines for the 2013 security breach that exposed the data of millions of customers across 47 states and the District of Columbia. In addition to this fine, the settlement additionally requires Target adopt a “comprehensive information security program” and includes implementing network security best […]

Read more

Is Your Security Incident a Data Breach? Uncle Sam & Regulators Want to Know

This article by Mahmood Sher-Jan was originally published in the Compliance & Ethics Blog. Click here to read the full article. As any privacy or compliance professional knows, sensitive customer information is constantly at risk for exposure. Cyber attacks, ransomware, spear phishing, malware, system and process failures, employee mistakes, lost or stolen devices—the list of […]

Read more

3 Common Misconceptions In Incident Response

This article by Mahmood Sher-Jan was originally published in the ISACA Cybersecurity News Site, The Nexus. I was recently reminded of the following sentiment by a colleague of mine in the office: “It is better to be prepared 1 year too early than 1 day too late.”

Read more