3rd National
Legal and Operational Forum on

Preventing and Responding to Securities Breaches

Thursday, September 28, 2006

About

With the tremendous upsurge of corporate data breaches in recent years, no business or industry is safe. In 2005 alone, nearly 56 million customers faced potential misuse of their personal information and this does not even include the number of employees who faced similar violations of their privacy. With the constant emergence of new threats, it is harder than ever to ensure effective prevention strategies. Hackers and other company outsiders are finding new, more sophisticated ways to gain access to companies' confidential data. Dishonest and negligent employees are responsible for a surprisingly large percentage of breaches. And, the continuing growth in the use of third-party vendors with access to a company's sensitive data has further increased exposure.

Financial institutions, retailers, hospitals, and businesses of all types and sizes have fallen victim to the staggering costs, both from remediation and lost customers. With price tags as high as $21 million to cure the effects of a breach and 60% of surveyed customers indicating that they would consider leaving a company post-breach, this is a problem to which every company must dedicate significant resources.

In this environment, it is not sufficient simply to have an information security plan in place. Rather, all of a company's key players, including the CIO, CTO, Privacy Officers, Counsel and others, must operate cohesively and quickly to stay ahead of fraudsters.

ACI's Security Breaches publication will provide you with tested, real-life practical strategies. Leading industry players will give you the latest strategic information on:

  • Creating an internal framework for breach convention
  • Shoring up your defenses against the latest waves of breaches
  • Creating an incident response plan to handle breaches
  • Protecting your data from both internal and external threats
  • Minimizing the cost and backlash of a security breach should one occur

Contents & Contributors

About

With the tremendous upsurge of corporate data breaches in recent years, no business or industry is safe. In 2005 alone, nearly 56 million customers faced potential misuse of their personal information and this does not even include the number of employees who faced similar violations of their privacy. With the constant emergence of new threats, it is harder than ever to ensure effective prevention strategies. Hackers and other company outsiders are finding new, more sophisticated ways to gain access to companies' confidential data. Dishonest and negligent employees are responsible for a surprisingly large percentage of breaches. And, the continuing growth in the use of third-party vendors with access to a company's sensitive data has further increased exposure.

Financial institutions, retailers, hospitals, and businesses of all types and sizes have fallen victim to the staggering costs, both from remediation and lost customers. With price tags as high as $21 million to cure the effects of a breach and 60% of surveyed customers indicating that they would consider leaving a company post-breach, this is a problem to which every company must dedicate significant resources.

In this environment, it is not sufficient simply to have an information security plan in place. Rather, all of a company's key players, including the CIO, CTO, Privacy Officers, Counsel and others, must operate cohesively and quickly to stay ahead of fraudsters.

ACI's Security Breaches publication will provide you with tested, real-life practical strategies. Leading industry players will give you the latest strategic information on:

  • Creating an internal framework for breach convention
  • Shoring up your defenses against the latest waves of breaches
  • Creating an incident response plan to handle breaches
  • Protecting your data from both internal and external threats
  • Minimizing the cost and backlash of a security breach should one occur

Contents & Contributors


MEETING REGULATORY STANDARDS FOR PRIVACY AND DATA SECURITY
Leonard L. Gordon, Federal Trade Commission, Northeast Division

RECOMMENDED PRACTICES ON NOTICE OF SECURITY BREACH INVOLVING PERSONAL INFORMATION
Joanne McNabb, California Office of Privacy Protection, Dept. of Consumer Affairs

NOTIFYING CUSTOMERS OF SECURITY BREACHES
William H. Henley, Jr., FDIC

CONFRONTING THE LATEST THREATS
Ian Lim, New Century Financial Corporation

CREATING AN INCIDENT RESPONSE PLAN
Lynn Goldstein, JPMorgan Chase & Co.

CONSTRUCTING A DATA BREACH RESPONSE PLAN
Stuart D. Levi, Skadden, Arps, Slate, Meagher & Flom LLP

SECURITY BREACH NOTIFICATION: ADAPTING TO THE REGULATORY FRAMEWORK
Thomas J. Smedinghoff, Wildman Harrold LLP

DATA BREACHES: NOTIFICATION REQUIREMENTS AND SECURITY ENFORCEMENT
Liisa M. Thomas, Winston & Strawn LLP

ARE YOU READY FOR THE NEXT CRISIS?
Gene Grabowski, Levick Strategic Communications

CREATING AN INTERNAL FRAMEWORK FOR BREACH PREVENTION
Carol Pockrus, Sovereign Bank
Jay Cline, Carlson Companies

FOUNDATIONS FOR STRONG THIRD PARTY DATA PROTECTION
Akiba Stern, Morgan Lewis Bockius LLP

PROTECTING DATA IN THIRD-PARTY HANDS PREPARING AND NEGOTIATING THE THIRD-PARTY CONTRACT
Susan Lau, Wells Fargo & Company

WHEN THINGS GO BADLY WRONG MANAGING VENDOR INCIDENTS
Peggy Eisenhauer, Privacy & Information Management Services

CREATING A CULTURE OF CONFIDENTIALITY TO MINIMIZE THE POTENTIAL FOR SECURITY BREACHES
John N. Gevertz, Automatic Data Processing, Inc. INFORMATION ASSURANCE & CYBER SECURITY IN A NEW THREAT ENVIRONMENT
Brenton C. Greene, Lucent Technologies, Inc.

DATA SECURITY AUDIT
Paul Bond, Reed Smith



DOCUMENT TYPES: PRESENTATIONS AVAILABLE: 0