by
Sarah Harvey / October 4, 2023
The California Consumer Privacy Act will go into effect on January 1, 2020, which gives organizations who have yet to start their compliance efforts less than three months to prepare for the enforcement of the new data privacy law. While ensuring compliance with a new legal requirement is never easy and is often stressful, we’ve come up with seven steps to follow that can act as a roadmap for CCPA…
by
Sarah Harvey / December 15, 2022
Organizations are experiencing increasing commercial pressure from their business customers and individual consumers to provide timely, clear, and adequate breach notification. Now, organizations are facing increasing regulatory pressure to provide timely, clear, and adequate breach notification. One of the most recent regulatory changes apply to the Texas Identity Theft Enforcement and Protection Act (TITEPA). These changes create additional regulatory requirements and force businesses to disclose certain security breaches directly to…
by
Sarah Harvey / June 14, 2023
How much do you think a buyer on the dark web would pay for stolen data? How much would you estimate a hacker can profit off of personal data? The truth is, the price of stolen data is worth the risk for hackers but always costly for organizations that store, process, transmit, or destroy personal data. How Do Hackers Make Money? When a system is breached and personal data is…
by
Sarah Harvey / June 13, 2023
In 2019, State Farm notified policyholders of a cybersecurity attack in the form of credential stuffing, a tactic often used by hackers that relies on a lack of password maintenance. State Farm took proper measures to reset passwords and notify affected parties of the attack, but what if State Farm employees were properly implementing multi-factor authentication practices from the start? Would this attack have even happened? How could State Farm…
by
Sarah Harvey / December 15, 2022
In August 2019, a third-party bug bounty discovered a data breach that exposed email addresses, hashed and salted passwords, API keys, and TLS keys for a subset of Imperva’s, a leading provider of Internet firewall services, cloud WAF users. This proves that no matter the vendor, you must perform your due diligence to ensure your own security won’t be at risk by working with a certain vendor – even if…
