Looking Forward:
Regulators and
Data Incidents
Page 2
Agenda
• Introductions
• Breach Impact On The C-Suite
• How Breaches Occur
• Data Breach Study Results
• Breach Legal Considerations
• Q&A
Page 3
Introductions: Today’s Speakers
• Gant Redmon - General Counsel and VP
Business Development, Co3 Systems
• Bill Hardin - Director, Disputes and Investigations,
Navigant
• Jennifer Coughlin - Privacy and Data Security,
Nelson Levine DeLuca Hamilton
Page 4
Co3 Automates Breach Management
PREPARE
Improve Organizational
Readiness
• Assign response team
• Describe environment
• Simulate events and incidents
• Focus on organizational gaps
REPORT
Document Results and
Track Performance
• Document incident results
• Track historical performance
• Demonstrate organizational
preparedness
• Generate audit/compliance reports
ASSESS
Quantify Potential Impact,
Support Privacy Impact
Assessments
• Track events
• Scope regulatory requirements
• See $ exposure
• Send notice to team
• Generate Impact Assessments
MANAGE
Easily Generate Detailed
Incident Response Plans
• Escalate to complete IR plan
• Oversee the complete plan
• Assign tasks: who/what/when
• Notify regulators and clients
• Monitor progress to completion
Page 5
• Premium brand and reputation with critical mass
• Deep relationships with premier law firms and Fortune 500
• Disputes and Investigation Services:
• Government, regulatory and investigative actions
• Data Breach and Theft of Trade Secrets Investigations
• Global investigations and compliance issues
• Forensic Accounting
Introduction to Navigant
Page 6
Intro To Navigant - Our Teams are Deployed
REACTIVE | PROACTIVE
WHERE DOES CYBER
SECURITY RANK ON YOUR
RISK PROFILE FOR
2013/2014?
Page 8
Balancing the Needs
(CEO and Board)
CFO & COO CIO & CTO
Legal & Regulatory
Business & Financial
Technology
The C-Suite
CLO & CRO
Page 9
When an Event Triggers Something Else..
[Chart: Stock Price around Large Health Care Data Breach Disclosure. Price axis from $- to $35.00; date axis from Jun-27-2011 to Mar-27-2013; labeled values $22.15 and $10.75.]
Page 10
Ranking in 2008 Ranking in 2012
International operations Information security
Project management International operations
Extended enterprise Excess cash
Data privacy Corporate culture
Fraud Compliance
IT Third-party relationships
Business continuity management Cost reduction pressures
Shared services Human resources
Tax management
Social media
*CFO.com December 2011
How does a CFO rank risk?
ARE YOUR EMPLOYEES WELL
TRAINED AND UNDERSTAND THE
RISK WITH SENSITIVE
INFORMATION?
Page 12
Increased Asset Value
=
Increased Liabilities
Page 13
Where is the Payroll File?
ADP
Page 14
Human Element
The faces of the company
Page 15
Snowmageddon – USA Today Coverage
As Snowden told The Guardian in a videotaped interview: "When you're
in positions of privileged access, like a systems administrator, for these
sort of intelligence community agencies, you're exposed to a lot more
information on a broader scale than the average employee ... Anybody
in the positions of access with the technical capabilities that I had
could, you know, suck out secrets."
He also claimed to possess the "full rosters of everyone working at the
NSA, the entire intelligence community and undercover assets all
around the world, the locations of every station we have, what their
missions are and so forth."
Page 16
How Do Data Breaches Occur?
Lost Devices &
Inadvertent
Publication of
Data
Disgruntled
Employees
Vendors &
Subcontractors
Hackers &
Unsecured
Websites
Accidental Intentional
Internal External
Page 17
Navigant’s Data Breach Study (Jan. 2011 to Dec. 2012)
[Chart: 2011 vs. 2012, axis from 0 to 9,000,000; labels: YOY Growth – 57%, YOY Growth – 145%.]
Page 18
Navigant’s Data Breach Study (Jan. 2011 to Dec 2012)
Change from 2011?
No Significant
Changes Noted
HOW MANY LAWS AND
REGULATIONS DO YOU THINK
COVER CYBER SECURITY?
Page 20
Legal & Regulatory Risks
Legal
Risk
Contracts
Federal,
State and
Foreign
Laws
Industry
Specific
Regulations
Common Law
Page 21
Is there a lawyer in the room?
• 46 states with privacy breach notification laws
• HIPAA/HITECH regulations
• Gramm-Leach-Bliley
• FTC
• State Consumer Protection Laws
• Foreign laws and regulations
• Other federal laws
• SEC Guidance on Regulation S-K Item 503(c), CAN-SPAM, Children’s Online
Privacy Protection Act (COPPA), Fair Credit Reporting Act (FCRA), Fair and
Accurate Credit Transactions Act (FACTA), Computer Fraud and Abuse Act,
Federal Privacy Act
MY COMPANY HAS REVIEWED ITS
INSURANCE COVERAGE WITH
RESPECT TO PRIVACY AND CYBER
SECURITY
Page 23
Data Security and Privacy Liability Exposure
Liability
Suits from
your
customers
Consumer
Class
Action
Suits
Regulatory
Settlements
with the FTC,
State AGs,
HHS, FINRA,
SEC, etc.
Privacy
Regulatory
Proceeding
inc. Fines
and
Consumer
Redress
Funds
Defense
costs
Privacy Event
Expenses
Notification
Costs
Forensics
Legal
and PR
Credit
Monitoring
Page 24
Who do you
TRUST
QUESTIONS
One Alewife Center, Suite 450
Cambridge, MA 02140
PHONE 617.206.3900
WWW.CO3SYS.COM
“Co3 Systems makes the process of
planning for a nightmare scenario as
painless as possible, making it an Editors’
Choice.”
PC MAGAZINE, EDITOR’S CHOICE
“Co3…defines what software packages
for privacy look like.”
GARTNER
“Platform is comprehensive, user
friendly, and very well designed.”
PONEMON INSTITUTE
Bill Hardin
30 S. Wacker Drive Suite 3100, Chicago, IL 60606
312.583.4119 Office | 773.415.3076 Mobile |
bill.hardin@navigant.com
WWW.NAVIGANT.COM
Jennifer Coughlin
Nelson Levine de Luca & Hamilton, LLC
215-358-5134
jcoughlin@nldhlaw.com
WWW.NLDHLAW.COM

Más contenido relacionado

La actualidad más candente

Whitepaper - Application Delivery in PCI DSS Compliant Environments
Whitepaper - Application Delivery in PCI DSS Compliant EnvironmentsWhitepaper - Application Delivery in PCI DSS Compliant Environments
Whitepaper - Application Delivery in PCI DSS Compliant Environments
Jason Dover
 
A data-centric program
A data-centric program A data-centric program
A data-centric program
at MicroFocus Italy ❖✔
 
Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991
Erik Ginalick
 
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianHow to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
PECB
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
SafeNet
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documents
e.law International
 

La actualidad más candente (20)

Whitepaper - Application Delivery in PCI DSS Compliant Environments
Whitepaper - Application Delivery in PCI DSS Compliant EnvironmentsWhitepaper - Application Delivery in PCI DSS Compliant Environments
Whitepaper - Application Delivery in PCI DSS Compliant Environments
 
A data-centric program
A data-centric program A data-centric program
A data-centric program
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data Breach
 
CYBER SECURITY FOR LAW FIRMS
CYBER SECURITY FOR LAW FIRMSCYBER SECURITY FOR LAW FIRMS
CYBER SECURITY FOR LAW FIRMS
 
Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the Outside
 
Cyber Insurance CLE
Cyber Insurance CLE Cyber Insurance CLE
Cyber Insurance CLE
 
Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991
 
Data breach presentation
Data breach presentationData breach presentation
Data breach presentation
 
Protecting the Core of Your Network
Protecting the Core of Your Network Protecting the Core of Your Network
Protecting the Core of Your Network
 
2015 09-22 Is it time for a Security and Compliance Assessment?
2015 09-22 Is it time for a Security and Compliance Assessment?2015 09-22 Is it time for a Security and Compliance Assessment?
2015 09-22 Is it time for a Security and Compliance Assessment?
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber Risks
 
DATA PROTECTION & BREACH READINESS GUIDE 2014
DATA PROTECTION & BREACH READINESS GUIDE 2014DATA PROTECTION & BREACH READINESS GUIDE 2014
DATA PROTECTION & BREACH READINESS GUIDE 2014
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
 
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianHow to keep out of trouble with GDPR: The case of Facebook, Google and Experian
How to keep out of trouble with GDPR: The case of Facebook, Google and Experian
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documents
 
How to safe your company from having a security breach
How to safe your company from having a security breachHow to safe your company from having a security breach
How to safe your company from having a security breach
 
Corporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber SecurityCorporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber Security
 
Ci2 cyber insurance presentation
Ci2 cyber insurance presentationCi2 cyber insurance presentation
Ci2 cyber insurance presentation
 

Destacado

1o habilidades del docente de la post era digital
1o habilidades del docente de la post era digital1o habilidades del docente de la post era digital
1o habilidades del docente de la post era digital
Alma de Docente
 
О том, как бы частью хорошей команды. И как её собрать.
О том, как бы частью хорошей команды. И как её собрать.О том, как бы частью хорошей команды. И как её собрать.
О том, как бы частью хорошей команды. И как её собрать.
Igor Debatur
 
Miriam Sturdee - Xray vision
Miriam Sturdee - Xray vision Miriam Sturdee - Xray vision
Miriam Sturdee - Xray vision
Sebastian Weise
 
Customer Favorite Features: Popular Co3 Product Updates & A Special Promotion
Customer Favorite Features: Popular Co3 Product Updates & A Special PromotionCustomer Favorite Features: Popular Co3 Product Updates & A Special Promotion
Customer Favorite Features: Popular Co3 Product Updates & A Special Promotion
Resilient Systems
 
งานนำเสนอ1
งานนำเสนอ1งานนำเสนอ1
งานนำเสนอ1
surasak2222
 

Destacado (20)

Nlpdap ile düşünce yönetimi ve stratejik iletişim
Nlpdap ile düşünce yönetimi ve stratejik iletişimNlpdap ile düşünce yönetimi ve stratejik iletişim
Nlpdap ile düşünce yönetimi ve stratejik iletişim
 
Chushi151022
Chushi151022Chushi151022
Chushi151022
 
1o habilidades del docente de la post era digital
1o habilidades del docente de la post era digital1o habilidades del docente de la post era digital
1o habilidades del docente de la post era digital
 
Innovation galinski-zambrovski-camunda bpm testing
Innovation galinski-zambrovski-camunda bpm testingInnovation galinski-zambrovski-camunda bpm testing
Innovation galinski-zambrovski-camunda bpm testing
 
Background at Basketball
Background at Basketball Background at Basketball
Background at Basketball
 
О том, как бы частью хорошей команды. И как её собрать.
О том, как бы частью хорошей команды. И как её собрать.О том, как бы частью хорошей команды. И как её собрать.
О том, как бы частью хорошей команды. И как её собрать.
 
Self-Publishing and Libraries
Self-Publishing and LibrariesSelf-Publishing and Libraries
Self-Publishing and Libraries
 
Available for sale
Available for saleAvailable for sale
Available for sale
 
A k i l o y u n l a r i
A k i l   o y u n l a r iA k i l   o y u n l a r i
A k i l o y u n l a r i
 
教育学特殊XIV 第4講
教育学特殊XIV 第4講教育学特殊XIV 第4講
教育学特殊XIV 第4講
 
SEC Cybersecurity Disclosure Guidelines
SEC Cybersecurity Disclosure GuidelinesSEC Cybersecurity Disclosure Guidelines
SEC Cybersecurity Disclosure Guidelines
 
Wanted & available
Wanted & availableWanted & available
Wanted & available
 
Hot tub appleton
Hot tub appletonHot tub appleton
Hot tub appleton
 
Miriam Sturdee - Xray vision
Miriam Sturdee - Xray vision Miriam Sturdee - Xray vision
Miriam Sturdee - Xray vision
 
Bu ghandoeng’s canteen
Bu ghandoeng’s canteenBu ghandoeng’s canteen
Bu ghandoeng’s canteen
 
Customer Favorite Features: Popular Co3 Product Updates & A Special Promotion
Customer Favorite Features: Popular Co3 Product Updates & A Special PromotionCustomer Favorite Features: Popular Co3 Product Updates & A Special Promotion
Customer Favorite Features: Popular Co3 Product Updates & A Special Promotion
 
Wanted & available
Wanted & availableWanted & available
Wanted & available
 
SOcial Networks to Watch in 2013
SOcial Networks to Watch in 2013SOcial Networks to Watch in 2013
SOcial Networks to Watch in 2013
 
Wanted & available
Wanted & availableWanted & available
Wanted & available
 
งานนำเสนอ1
งานนำเสนอ1งานนำเสนอ1
งานนำเสนอ1
 

Similar a Looking Forward - Regulators and Data Incidents

Privacy & Data Breach: 2012 Recap, 2013 Predictions
Privacy & Data Breach: 2012 Recap, 2013 PredictionsPrivacy & Data Breach: 2012 Recap, 2013 Predictions
Privacy & Data Breach: 2012 Recap, 2013 Predictions
Resilient Systems
 
Douglas Jambor Sageworks Cybersecurity Presentation
Douglas Jambor Sageworks Cybersecurity PresentationDouglas Jambor Sageworks Cybersecurity Presentation
Douglas Jambor Sageworks Cybersecurity Presentation
Turner and Associates, Inc.
 
02/18/2010 Meeting - Data Analytics
02/18/2010 Meeting - Data Analytics02/18/2010 Meeting - Data Analytics
02/18/2010 Meeting - Data Analytics
acfesj
 
Data governance, Information security strategy
Data governance, Information security strategyData governance, Information security strategy
Data governance, Information security strategy
vasanthi4ever
 
Information Asset Management in Financial Institutions: How Much Is It Really...
Information Asset Management in Financial Institutions: How Much Is It Really...Information Asset Management in Financial Institutions: How Much Is It Really...
Information Asset Management in Financial Institutions: How Much Is It Really...
Precisely
 

Similar a Looking Forward - Regulators and Data Incidents (20)

Privacy & Data Breach: 2012 Recap, 2013 Predictions
Privacy & Data Breach: 2012 Recap, 2013 PredictionsPrivacy & Data Breach: 2012 Recap, 2013 Predictions
Privacy & Data Breach: 2012 Recap, 2013 Predictions
 
Deconstructing Data Breach Cost
Deconstructing Data Breach CostDeconstructing Data Breach Cost
Deconstructing Data Breach Cost
 
Co3 rsc r5
Co3 rsc r5Co3 rsc r5
Co3 rsc r5
 
Douglas Jambor Sageworks Cybersecurity Presentation
Douglas Jambor Sageworks Cybersecurity PresentationDouglas Jambor Sageworks Cybersecurity Presentation
Douglas Jambor Sageworks Cybersecurity Presentation
 
02/18/2010 Meeting - Data Analytics
02/18/2010 Meeting - Data Analytics02/18/2010 Meeting - Data Analytics
02/18/2010 Meeting - Data Analytics
 
Managing Consumer Data Privacy
Managing Consumer Data PrivacyManaging Consumer Data Privacy
Managing Consumer Data Privacy
 
D&B onboard.pdf
D&B onboard.pdfD&B onboard.pdf
D&B onboard.pdf
 
The top trends changing the landscape of Information Management
The top trends changing the landscape of Information ManagementThe top trends changing the landscape of Information Management
The top trends changing the landscape of Information Management
 
Data Breaches - Sageworks, Inc., Webinar Series by Douglas Jambor
Data Breaches - Sageworks, Inc., Webinar Series by Douglas JamborData Breaches - Sageworks, Inc., Webinar Series by Douglas Jambor
Data Breaches - Sageworks, Inc., Webinar Series by Douglas Jambor
 
Ritz 4th-july-gdpr
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdpr
 
Coso in the cyber age
Coso in the cyber ageCoso in the cyber age
Coso in the cyber age
 
Data governance, Information security strategy
Data governance, Information security strategyData governance, Information security strategy
Data governance, Information security strategy
 
Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-
 
Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
 
Data Privacy Compliance
Data Privacy ComplianceData Privacy Compliance
Data Privacy Compliance
 
Information Asset Management in Financial Institutions: How Much Is It Really...
Information Asset Management in Financial Institutions: How Much Is It Really...Information Asset Management in Financial Institutions: How Much Is It Really...
Information Asset Management in Financial Institutions: How Much Is It Really...
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Web Analytics and Privacy
Web Analytics and Privacy Web Analytics and Privacy
Web Analytics and Privacy
 
Deliver Data Governance with a “Yes”
Deliver Data Governance with a “Yes”Deliver Data Governance with a “Yes”
Deliver Data Governance with a “Yes”
 

Más de Resilient Systems

The Target Breach - Follow The Money EU
The Target Breach - Follow The Money EUThe Target Breach - Follow The Money EU
The Target Breach - Follow The Money EU
Resilient Systems
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan
Resilient Systems
 

Más de Resilient Systems (20)

You've Been Breached: How To Mitigate The Incident
You've Been Breached: How To Mitigate The IncidentYou've Been Breached: How To Mitigate The Incident
You've Been Breached: How To Mitigate The Incident
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
 
Co3's Annual Review & Predictions Webinar
Co3's Annual Review & Predictions WebinarCo3's Annual Review & Predictions Webinar
Co3's Annual Review & Predictions Webinar
 
By Popular Demand: Co3's Latest and Greatest Features
By Popular Demand: Co3's Latest and Greatest Features By Popular Demand: Co3's Latest and Greatest Features
By Popular Demand: Co3's Latest and Greatest Features
 
Are We Breached How to Effectively Assess and Manage Incidents
Are We Breached How to Effectively Assess and Manage Incidents Are We Breached How to Effectively Assess and Manage Incidents
Are We Breached How to Effectively Assess and Manage Incidents
 
Ready or Not, Here They Come Preparing For Phase 2 HIPAA Compliance Audits
Ready or Not, Here They Come Preparing For Phase 2 HIPAA Compliance Audits Ready or Not, Here They Come Preparing For Phase 2 HIPAA Compliance Audits
Ready or Not, Here They Come Preparing For Phase 2 HIPAA Compliance Audits
 
Encryption: Who, What, When, Where, and Why It's Not a Panacea
Encryption: Who, What, When, Where, and Why It's Not a PanaceaEncryption: Who, What, When, Where, and Why It's Not a Panacea
Encryption: Who, What, When, Where, and Why It's Not a Panacea
 
How To Build An Incident Response Function
How To Build An Incident Response FunctionHow To Build An Incident Response Function
How To Build An Incident Response Function
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About It
 
EU Cyber Attacks And The Incident Response Imperative
EU Cyber Attacks And The Incident Response ImperativeEU Cyber Attacks And The Incident Response Imperative
EU Cyber Attacks And The Incident Response Imperative
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
 
The Target Breach - Follow The Money EU
The Target Breach - Follow The Money EUThe Target Breach - Follow The Money EU
The Target Breach - Follow The Money EU
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan
 
How To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceHow To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat Intelligence
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 Days
 
How To Stop Target-Like Breaches In Their Tracks
How To Stop Target-Like Breaches In Their TracksHow To Stop Target-Like Breaches In Their Tracks
How To Stop Target-Like Breaches In Their Tracks
 
The Target Breach – Follow The Money
The Target Breach – Follow The MoneyThe Target Breach – Follow The Money
The Target Breach – Follow The Money
 
A Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 Predictions
 
Incident Response: Don't Mess It Up, Here's How To Get It Right
Incident Response: Don't Mess It Up, Here's How To Get It RightIncident Response: Don't Mess It Up, Here's How To Get It Right
Incident Response: Don't Mess It Up, Here's How To Get It Right
 
Treat a Breach Like a Customer, Not a Compliance Issue
Treat a Breach Like a Customer, Not a Compliance IssueTreat a Breach Like a Customer, Not a Compliance Issue
Treat a Breach Like a Customer, Not a Compliance Issue
 

Último

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Último (20)

Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 

Looking Forward - Regulators and Data Incidents

  • 2. Page 2 Agenda • Introductions • Breach Impact On The C-Suite • How Breaches Occur • Data Breach Study Results • Breach Legal Considerations • Q&A
  • 3. Page 3 Introductions: Today’s Speakers • Gant Redmon - General Counsel and VP Business Development, Co3 Systems • Bill Hardin - Director, Disputes and Investigations, Navigant • Jennifer Coughlin - Privacy and Data Security, Nelson Levine DeLuca Hamilton
  • 4. Page 4 Co3 Automates Breach Management PREPARE Improve Organizational Readiness • Assign response team • Describe environment • Simulate events and incidents • Focus on organizational gaps REPORT Document Results and Track Performance • Document incident results • Track historical performance • Demonstrate organizational preparedness • Generate audit/compliance reports ASSESS Quantify Potential Impact, Support Privacy Impact Assessments • Track events • Scope regulatory requirements • See $ exposure • Send notice to team • Generate Impact Assessments MANAGE Easily Generate Detailed Incident Response Plans • Escalate to complete IR plan • Oversee the complete plan • Assign tasks: who/what/when • Notify regulators and clients • Monitor progress to completion
  • 5. Page 5 • Premium brand and reputation with critical mass • Deep relationships with premier law firms and Fortune 500 • Disputes and Investigation Services: • Government, regulatory and investigative actions • Data Breach and Theft of Trade Secrets Investigations • Global investigations and compliance issues • Forensic Accounting Introduction to Navigant
  • 6. Page 6 Intro To Navigant - Our Teams are Deployed REACTIVE PROACTIVE
  • 7. WHERE DOES CYBER SECURITY RANK ON YOUR RISK PROFILE FOR 2013/2014?
  • 8. Page 8 Balancing the Needs (CEO and Board) CFO & COO CIO & CTO Legal & Regulatory Business & Financial Technology The C-Suite CLO & CRO
  • 9. Page 9 When an Event Triggers Something Else.. [Chart: Stock Price around Large Health Care Data Breach Disclosure; x-axis Jun-27-2011 to Mar-27-2013, y-axis $- to $35.00; labelled values $22.15 and $10.75]
  • 10. Page 10 Ranking in 2008 Ranking in 2012 International operations Information security Project management International operations Extended enterprise Excess cash Data privacy Corporate culture Fraud Compliance IT Third-party relationships Business continuity management Cost reduction pressures Shared services Human resources Tax management Social media *CFO.com December 2011 How does a CFO rank risk?
  • 11. ARE YOUR EMPLOYEES WELL TRAINED, AND DO THEY UNDERSTAND THE RISK WITH SENSITIVE INFORMATION?
  • 12. Page 12 Increased Asset Value = Increased Liabilities
  • 13. Page 13 Where is the Payroll File? ADP
  • 14. Page 14 Human Element The faces of the company
  • 15. Page 15 Snowmageddon – USA Today Coverage As Snowden told The Guardian in a videotaped interview: "When you're in positions of privileged access, like a systems administrator, for these sort of intelligence community agencies, you're exposed to a lot more information on a broader scale than the average employee ... Anybody in the positions of access with the technical capabilities that I had could, you know, suck out secrets." He also claimed to possess the "full rosters of everyone working at the NSA, the entire intelligence community and undercover assets all around the world, the locations of every station we have, what their missions are and so forth."
  • 16. Page 16 How Do Data Breaches Occur? Lost Devices & Inadvertent Publication of Data Disgruntled Employees Vendors & Subcontractors Hackers & Unsecured Websites Accidental Intentional Internal External
  • 17. Page 17 Navigant’s Data Breach Study (Jan. 2011 to Dec. 2012) [Chart: 2012 vs. 2011, axis 0 to 9,000,000; YOY Growth – 57%; YOY Growth – 145%]
  • 18. Page 18 Navigant’s Data Breach Study (Jan. 2011 to Dec 2012) Change from 2011? No Significant Changes Noted
  • 19. HOW MANY LAWS AND REGULATIONS DO YOU THINK COVER CYBER SECURITY?
  • 20. Page 20 Legal & Regulatory Risks Legal Risk Contracts Federal, State and Foreign Laws Industry Specific Regulations Common Law
  • 21. Page 21 Is there a lawyer in the room? • 46 states with privacy breach notification laws • HIPAA/HITECH regulations • Gramm-Leach-Bliley • FTC • State Consumer Protection Laws • Foreign laws and regulations • Other federal laws • SEC Guidance on Regulation S-K Item 503(c), CAN-SPAM, Children’s Online Privacy Protection Act (COPPA), Fair Credit Reporting Act (FCRA), Fair and Accurate Credit Transactions Act (FACTA), Computer Fraud and Abuse Act, Federal Privacy Act
  • 22. MY COMPANY HAS REVIEWED ITS INSURANCE COVERAGE WITH RESPECT TO PRIVACY AND CYBER SECURITY
  • 23. Page 23 Data Security and Privacy Liability Exposure Liability Suits from your customers Consumer Class Action Suits Regulatory Settlements with the FTC, State AGs, HHS, FINRA, SEC, etc. Privacy Regulatory Proceeding inc. Fines and Consumer Redress Funds Defense costs Privacy Event Expenses Notification Costs Forensics Legal and PR Credit Monitoring
  • 24. Page 24 Who do you TRUST
  • 26. One Alewife Center, Suite 450 Cambridge, MA 02140 PHONE 617.206.3900 WWW.CO3SYS.COM “Co3 Systems makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.” PC MAGAZINE, EDITOR’S CHOICE “Co3…defines what software packages for privacy look like.” GARTNER “Platform is comprehensive, user friendly, and very well designed.” PONEMON INSTITUTE Bill Hardin 30 S. Wacker Drive Suite 3100, Chicago, IL 60606 312.583.4119 Office | 773.415.3076 Mobile | bill.hardin@navigant.com WWW.NAVIGANT.COM Jennifer Coughlin Nelson Levine de Luca & Hamilton, LLC 215-358-5134 jcoughlin@nldhlaw.com WWW.NLDHLAW.COM