Monthly Archives: May 2016

Data Breaches. Construction Industry. 3 Pieces of Intel.

  • Data breaches are costly
    • internal costs related to security improvements, mitigation & notification
    • regulatory costs
    • costs arising from 3rd party claims
  • Identify risks, which for construction include:
    • file sharing with subcontractors
    • espcially for projects critical to infrastructure- hospitals, roads, energy facilities, governmetn facilities
  • Cyber Insurance to help your business cover costs

Miami Herald | Cyberattacks can cripple the construction industry

INTERIM. Data Security. Health Care. White House Proposal. 3 Pieces of Info to Keep you Informed.

What White House Proposal on data security affecting health care? On May 25, 2016 the White House released its final Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision Medicine Initiative (PMI).

What are the goals of the White House data security proposal?

  • Build patient trust
  • Adapatable security protocols
  • Dependable data preservation
  • Identify risks
  • Transparency with patients
  • Responsibility
  • Sharing. Collaboration

What requirements…

TREND Consumer Protection Agencies. Corporate Privacy Policies. New Regulations.

Who:     Federal Trade Commission

What:    Amendments to how companies disclose privacy policies & information to consumers

When:     Begins this fall

Standard of Review: The FTC favors corporate disclosures to consumers that are:

  • shorter
  • clearer
  • easier-to-use

The Hill | Consumer protection agency to look at disclosure issues

21 State Cyber Commissions. The Necessary Intel:

  • 21 Governors are presiding over State Cyber Security Commission.
  • The 2 most recent states:
    • Colorado
    • Indiana

Who sits on State Cyber Security Commissions?

  • Top IT leader in state government
  • public safety agency heads
  • executives from cyber companies
  • federal officials

What are the goals of State Cyber Security Commissions?

  • asses the security of state networks
  • develop cyber security legislation

4 Point Checklist for State Cyber Security Commissions:

  • Who should sit on the…

INTERIM. Banks v. Retailers Round 300. Federal Data Security Bills. 3 Key Pieces of Intel.

  • Financial Services support national data security standards & require nationwide data breach notification requirements for business
  • Retailers oppose federal legislation for the detrimental effect on retailers
  • The detrimental effect on retailers: applying banking rules on non-banks 

The Hill | Financial industry spars with retailers over data breach bill

The Hill | Retailers battle financial sector over data breach legislation

Schools Targeted by Data Collectors. The Intel to Know the Trend:

“Learning to be Watched: Surveillance Culture at School” report published  by the National Center for Education Policy at the University of Colorado at Boulder finds:

  • schools are soft targets for comapnies gathering data
  • free technology to school leads to data collection by the company
  • anonymized student data does not mean  students’ personally identifiable information (PII) is fully or permanently protected

Washington Post | Schools are now ‘soft targets’ for companies to…

INTERIM. TREND. Student Data Security Bills. 2016. 31 States. The Numbers you need to know:

  • In 2016, 31 states introduced student data security bills
  • in 2016, a total of 94 student data security bills were introduced
  • The 4 fastest states to act in 2016 were:
    • New Hampshire: a study to make recommendations
    • Utah: data governance standards
    • Virginia: contracting limitations, data limitations for student & teacher data
    • West Virginia: State Board level data governance standards

District Administration | CIO News | 31 states introduce student data privacy bills

Business TREND. Data Security Helps Business.

4 Key Pieces of Intel from how strong data security laws protect businesses:

  • Global market. EU contracts require strong data protections clauses
  • U.S. weak data security laws create uncertainty in the global market
  • Cost Opportunities. What might cost small companies to comply in the short run, the harm to innovation of not having high data standards cost U.S. businesses more. 
  • U.S. should be a leader in data security standards.

TechCrunch | Startups to Congress: Strong data security…

INTERIM. Another Student Privacy Bill. 7 New Requirements for Education Contractors & Vendors.

Who are the targets of Connecticut’s student data privacy bill?

  • contractors with local boards of education, the State Board of Education and the State Department of Education
  • operators of websites, online services and mobile apps

What will be required of education vendors?

  • outline and maintain security practices
  • prohibited from using personally identifiable student information for :
    • advertising purposes
    • any purpose apart from what their contract stipulates
  • vendors cannot retain…

TREND: Government Contracts + Data Security = New Federal Contracting Data Security Rule

Which entity promulgated the new federal contracting rule? Federal Acquisition Regulations (“FAR”) Council

Which data security rule for contractors are we talking about? Basic Safeguarding of Contractor Information Systems

Which contracts will be hit by the new rule?

  • all acquisitions by any federal executive agency
  • beginning June 15, 2016
  • If a contractor’s information system may contain “Federal contract information,” 
  • Applies to all subcontractors too

All contractors, and…