Security Management Strategies for the CIOAccess "Understanding the Data Accountability and Trust Act"
This article is part of the December 2010 issue of Inside the Data Accountability and Trust Act and what it means for security
There are currently more than 40 different state and territorial laws that require organizations entrusted with personal identifying information to notify individuals when their information has been exposed to unauthorized parties. These laws range from those only requiring notification to those that mandate full security programs designed to prevent breaches in the first place. They define personal identifying information differently, require different notification processes, and force organizations to deal not only with the victims of the breach, but also the attorneys general of all the states where victims reside. The complexity and cost of notification, let alone the difficulty of ensuring compliance with security program requirements, are daunting. Still, breaches that lead to identity theft happen regularly and people expect organizations to be held accountable for their personal information's security. Politicians have heard the public outcry and have recognized that there is a need for more uniform protection of personal data and more manageable and... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Disaster recovery and contingency planning security considerations
Security must be included in disaster recovery planning to ensure sensitive data is protected.
-
Customized malware programs require new response, experts say
Cybercriminals are taking advantage of poorly deployed security software with customized malware designed to infiltrate systems and steal data without being detected.
-
Disaster recovery and contingency planning security considerations
-
-
Understanding the Data Accountability and Trust Act
by Richard E. Mackey, Jr., Contributor
The Data Accountability and Trust Act, if passed into law, would create a national standard for privacy and data protection.
-
Vendor risk management and the CISO
by Eric Holmquist
The CISO has a key role in reducing the risk of sharing sensitive corporate data with third parties.
-
Understanding the Data Accountability and Trust Act
by Richard E. Mackey, Jr., Contributor
-
Columns
-
Cloud computing technology: Don't get left behind
Cloud computing presents a lot of security issues but security professionals need to accept the challenge.
-
Career advantages of security professional certifications and advanced degrees
by Lee Kushner and Mike Murray
Choose wisely when pursuing industry certifications and advanced degrees to gain the best competitive advantage.
-
Internet privacy laws will get attention in the next Congress
by Judith Harris, Christopher Cwalina, and Amy Mushahwar
In the 112th Congress, enterprises can expect a heavy focus on Internet privacy issues on Capitol Hill.
-
Cloud computing technology: Don't get left behind
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...