Access "Damage Control"
This article is part of the April 2005 issue of Spotlight on the incident response hot seat
EXPOSE ChoicePoint's Rich Baich faced the perfect storm: a huge security breach, intense media attention and a shareholder revolt. What he needed was a response plan to get him out of the HOT SEAT. Legislation: Disclosure Loopholes ChoicePoint may have discovered the breach that exposed the personal data of 145,000 people, but the break-in likely would never have been publicly disclosed had it not been for California's landmark Security Breach Information Act, SB 1386. The Georgia-based company was bound by law to come clean to more than 35,000 affected Californians, and soon revealed that 110,000 more Americans nationwide were also at risk to identity theft. What few know is that the law gives compromised companies wide latitude as to when they must inform consumers. The gap between discovery and disclosure could ultimately work against numerous state and federal bills swiftly being modeled after the California statute. "I don't think that Congress or big business really has a clue yet as to how to deal with consumer data privacy," says Stephen Cobb, author... Access >>>
Premium Content for Free.
Secure Reads: The Executive Guide to Information Security
Read a review of the book, The Executive Guide to Information Security: Threats, Challenges, and Solutions.
Security information management review: Security Threat Manager 3.0
A review of Security Threat Manager 3.0
Hot Pick: Sentryware's HIVE 3.0
Evolving risk dashboards will tell how secure you are and when something's wrong.
Rights of Passage
Our tests found that most endpoint security products will enforce policy and network access. Their differences are in the details.
- Secure Reads: The Executive Guide to Information Security
Intrusion Prevention: Top Layer's Attack Mitigator IPS 5500
Attack Mitigator IPS 5500
Antivirus: Kaspersky Anti-Virus Business Optimal 5.0
Kaspersky Anti-Virus Business Optimal 5.0
Recent Releases: Security product briefs, April 2005
Learn about the information security products released in April 2005.
Ready For Takeoff
Cutting costs was the only way to keep United Airlines flying high. Rich Perez's answer was to rebuild the network.
ChoicePoint's Rich Baich faced the perfect storm: a huge security breach, intense media attention and a shareholder revolt. What he needed was an incident response plan to get him out of the hot seat.
- Intrusion Prevention: Top Layer's Attack Mitigator IPS 5500
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...