Blogs

Showing Blog Posts: 31–40 of 65 tagged Compliance

  • The Tangled Web: A Guide to Securing Modern Web Applications

    by Ben Rothke on January 25, 2012

    In the classic poem Inferno, Dante passes through the gates of Hell, which has the inscriptionabandon all hope, ye who enter here above the entrance. After reading The Tangled Web: A Guide to Securing Modern Web Applications, one gets the feeling the writing secure web code is akin to Dante’s experience. In this incredibly good and highly technical book, author Michal Zalewski writes that modern…

  • The Legal Profession – Still Catching Up with the New Reality

    by Stephen Wu on December 8, 2011

    eDiscovery rules, the law of spoliation, and evidence law now address electronically stored information (ESI). Courts and some commentators are now talking about the effect of the Internet, social networking, and cloud computing on eDiscovery and evidence law. Thus, the law is starting to catch up with the new reality of computers and the Internet. But is the legal profession catching up with this…

  • California Beefs Up Its Breach Notification Law

    by Stephen Wu on September 28, 2011

    Although we have an old cliché that says, “third time is the charm,” in the case of changing California’s breach notification law, State Senator Joe Simitian required four attempts to see the passage of his bill amending the law. On August 31, 2011, Governor Jerry Brown signed Senate Bill No. 24, a bill to enhance California’s breach notification law, S.B. 1386 from 2003. Former Governor Arnold…

  • Another Reason to Have a Security Policy – Your Customer Demands It

    by Stephen Wu on August 25, 2011

    I am always interested to see the dialogue on the listserv of the Information Security Committee (ISC) of the American Bar Association Section of Science & Technology Law. As a former Co-Chair of the ISC and Immediate Past Chair of the Section, I like to see people sharing ideas, tips, and useful documents, such as forms and checklists, that help people do their jobs. One of the recent posts on the…

  • Apple’s iCloud Will Change How We Do eDiscovery

    by Stephen Wu on July 4, 2011

    In June 2011, Apple unveiled its new iCloud service, with the company promoting the next step in moving away from PC-based computing towards a cloud-centric model of computing. Apple’s iCloud service syncs data among devices, supports automatic data backup, and support third party applications which, over time, will presumably permit a wide range of data uses and sharing. Apple’s new service…

  • Is the oil industry due for a little cyber security attention?

    by Gib Sorebo on June 1, 2010

    The legal profession is often seen as having the rather dubious distinction of seeking to profit at the misfortunes of others or, more simply, of being ambulance chasers. As law graduate myself, I don’t dispute that many practicing lawyers get rather aggressive around accident sites. Nonetheless, much of the profession’s bad name derives instead from the highly valuable function they perform, …

  • Books from SAP Press

    by Ben Rothke on May 25, 2010

    I recently came upon SAP Press, an imprint that seems somewhat new. They focus on titles around SAP and NetWeaver. They have a number of books on risk and compliance – see http://www.sap-press.com/categories/Governance%2C-Risk%2C-and-Compliance, which seems to be of value for anyone needed to secure or audit an SAP environment. There does not seem to be any titles specifically around SAP security;…

  • New Mississippi Breach Notification Law

    by Stephen Wu on May 15, 2010

    On April 7, 2010, Mississippi became the 46th state in the U.S. to enact breach notification legislation when the governor signed H.B. 583. The Mississippi House passed the legislation in January, and the Mississippi Senate amended and passed a version of H.B. 583 in March. The legislation covers businesses holding the personal information of Mississippi residents. For a copy of Mississippi H.B. …

  • California Information Security Legislative Update

    by Stephen Wu on May 5, 2010

    Last year, California addressed the disposal of personal information by enacting AB 1094, which provides a safe harbor for storage companies or landlords when they end up with others’ records containing personal information. Governor Schwarzenegger, however, vetoed legislation, SB 20, to enhance the state’sbreach notification law to require notification to the California AttorneyGeneral, in…

  • North Carolina's Amendment to its Breach Notification Law

    by Stephen Wu on April 17, 2010

    Although almost all the states have some form of breach notification law, the legislative process regarding breach notification has not reached an end. Some states are changing their breach notification laws in an effort to enhance their protections. Last July, North Carolina enacted S.B. 1017, which amends the state’s breach notification law. N.C. Gen. Stat. § 75-65. Click here for a copy of S.B. …

This document was retrieved from http://www.rsaconference.com/blogs on Wed, 23 Apr 2014 08:20:44 -0400.
© 2014 EMC Corporation. All rights reserved.