About
With the tremendous upsurge of corporate data breaches in recent years, no
business or industry is safe. In 2005 alone, nearly 56 million customers faced
potential misuse of their personal information – and this does not even
include the number of employees who faced similar violations of their privacy.
With the constant emergence of new threats, it is harder than ever to ensure
effective prevention strategies. Hackers and other company outsiders are finding
new, more sophisticated ways to gain access to companies' confidential
data. Dishonest and negligent employees are responsible for a surprisingly
large percentage of breaches. And, the continuing growth in the use of third-party
vendors with access to a company's sensitive data has further increased
exposure.
Financial institutions, retailers, hospitals, and businesses of all types
and sizes have fallen victim to the staggering costs, both from remediation
and lost customers. With price tags as high as $21 million to cure the effects
of a breach and 60% of surveyed customers indicating that they would consider
leaving a company post-breach, this is a problem to which every company must
dedicate significant resources.
In this environment, it is not sufficient simply to have an information security
plan in place. Rather, all of a company's key players, including the
CIO, CTO, Privacy Officers, Counsel and others, must operate cohesively and
quickly to stay ahead of fraudsters.
ACI's Security Breaches publication will provide you with tested, real-life
practical strategies. Leading industry players will give you the latest strategic
information on:
- Creating an internal framework for breach prevention
- Shoring up your defenses against the latest waves of breaches
- Creating an incident response plan to handle breaches
- Protecting your data from both internal and external threats
- Minimizing the cost and backlash of a security breach should one occur
Contents & Contributors
MEETING REGULATORY STANDARDS FOR PRIVACY AND DATA SECURITY
Leonard L. Gordon, Federal Trade Commission, Northeast Division
RECOMMENDED PRACTICES ON NOTICE OF SECURITY BREACH INVOLVING PERSONAL INFORMATION
Joanne McNabb, California Office of Privacy Protection, Dept. of Consumer Affairs
NOTIFYING CUSTOMERS OF SECURITY BREACHES
William H. Henley, Jr., FDIC
CONFRONTING THE LATEST THREATS
Ian Lim, New Century Financial Corporation
CREATING AN INCIDENT RESPONSE PLAN
Lynn Goldstein, JPMorgan Chase & Co.
CONSTRUCTING A DATA BREACH RESPONSE PLAN
Stuart D. Levi, Skadden, Arps, Slate, Meagher & Flom LLP
SECURITY BREACH NOTIFICATION: ADAPTING TO THE REGULATORY FRAMEWORK
Thomas J. Smedinghoff, Wildman Harrold LLP
DATA BREACHES: NOTIFICATION REQUIREMENTS AND SECURITY ENFORCEMENT
Liisa M. Thomas, Winston & Strawn LLP
ARE YOU READY FOR THE NEXT CRISIS?
Gene Grabowski, Levick Strategic Communications
CREATING AN INTERNAL FRAMEWORK FOR BREACH PREVENTION
Carol Pockrus, Sovereign Bank
Jay Cline, Carlson Companies
FOUNDATIONS FOR STRONG THIRD PARTY DATA PROTECTION
Akiba Stern, Morgan Lewis Bockius LLP
PROTECTING DATA IN THIRD-PARTY HANDS – PREPARING AND NEGOTIATING THE THIRD-PARTY CONTRACT
Susan Lau, Wells Fargo & Company
WHEN THINGS GO BADLY WRONG – MANAGING VENDOR INCIDENTS
Peggy Eisenhauer, Privacy & Information Management Services
CREATING A CULTURE OF CONFIDENTIALITY TO MINIMIZE THE POTENTIAL FOR SECURITY BREACHES
John N. Gevertz, Automatic Data Processing, Inc.
INFORMATION ASSURANCE & CYBER SECURITY IN A NEW THREAT ENVIRONMENT
Brenton C. Greene, Lucent Technologies, Inc.
DATA SECURITY AUDIT
Paul Bond, Reed Smith