. . . Encryption, Response & a Good Attitude
By Tom Hagy
Here is who you don’t want to be. You don’t want to be the company that doesn’t protect data with even the most basic methods and technologies; that doesn’t have a breach response plan; that takes its sweet ol’ time addressing or reporting a breach; that lets the government read about the breach in the newspaper; and whose people welcome government investigators with the same warmth as they would, say, a wedding crasher with the flu.
Do regulators interpret notification requirements the same way businesses do? Do regulators actually assist companies when responding to breaches or are they there to uncover everything your company is doing wrong? What are regulators looking for from your company after a breach? These were questions answered during the recent NetDiligence® Cyber Risk & Privacy Liability Forum held in Marina del Rey, California. One of the sessions, moderated by Jason M. Weinstein, a former deputy assistant attorney general with the Department of Justice and now a partner at Steptoe & Johnson LLP, featured insights from representatives of attorney general offices in three states: Ryan Kriger from Vermont, Patrice Malloy from Florida, and Adam Miller from California.
You can read my full coverage of the session in the LexisNexis Corporate Counsel Advisory.
Also, check out the latest information on the upcoming NetDiligence Cyber Risk & Privacy Forum set for June 12-13, 2014 in Philadelphia.