Access your Pro+ Content below.
How to develop a data breach response strategy
This article is part of the September 2010 issue of Information Security magazine
What happens when your company experiences a data breach involving intellectual property or valuable trade secrets? In the last year, there's been a significant uptake in the number of corporations seeking legal advice around the protection of their high value intellectual property -- particularly organizations with large overseas operations. While this type of data may not be as regulated as personally identifiable information (PII), its loss can be more financially damaging. Take, for instance, the real-life example of an organization in the process of closing a deal in the hundreds of millions of dollars. The entity with whom the organization was negotiating had a suspiciously high amount of privileged information, right down to references made by key executives in their emails. A forensics investigation determined that the organization, and its outside advisors, had indeed been the victims of a breach where emails and intellectual property relevant to the deal were accessed. While CEOs might think this type of industrial ...
Features in this issue
For the fifth consecutive year, Information Security readers voted to determine the best security products. Nearly 1,500 voters participated this year, rating products in 14 different categories.
The collaborative nature of Web 2.0 introduces myriad threats to data that must be proactively countered.
What you can expect from this fall's update to the Payment Card Industry Data Security Standard.
Tools help protect privacy but safeguarding personal data in the age of Google and Facebook is getting harder.
Columns in this issue
Embedding security in hardware isn't new, but is it worth an $8 billion investment? Time will tell on the Intel-McAfee acquisition.
Targeted attacks on corporations and their crown jewels have become routine. Companies need to be prepared.
Bruce Schneier and Marcus Ranum debate the risks associated with employees using personal computing devices.