Menu

Blogs

Showing Blog Posts: 1–10 of 89 tagged Legal

  • Social Media Security: Leveraging Social Networking While Mitigating Risk

    by Ben Rothke on February 3, 2015

    A firm can spend decades building a brand into one that inspires trust. Unfortunately, social media can quickly destroy that trust in an instant. In Social Media Security: Leveraging Social Networking While Mitigating Risk, author Michael Cross provides a comprehensive overview of the security and privacy risks around social media. The book lives up to its title and effectively shows the reader…

  • InfoSec Needs to Work With Government to Shape New Laws

    by Todd Inskeep on January 21, 2015

    The President’s State of The Union address Tuesday night addressed Information Security for the second time in three years. Two years ago, in 112 words, the President announced the NIST Framework, increased information sharing through executive action, and called for the nation to “face the rapidly growing threat from cyber-attacks.” The threat then was theft of corporate secrets and “real threats…

  • N-DEx: Law Enforcement Security Standards

    by Robert Moskowitz on January 5, 2015

    The U.S. government launched a major law enforcement project, the National Data Exchange (N-DEx), in March 2008 to facilitate cases, criminal information, and available evidence among cooperating agencies. It's 2014, and the project is languishing. N-DEx was designed as an information repository that federal, state, and local law enforcement could tap for a variety of purposes, with the basic idea…

  • The Muddled State of Security Standards

    by John Linkous on December 22, 2014

    One of my favorite quotes—attributed to either Admiral Grace Hopper or computer science professor Andy Tanenbaum—goes something like this: "The nice thing about standards is that there are so many to choose from." It’s true in the information security world, too. Standards, Standards Everywhere! Let’s first settle what we mean by security standards. There's no shortage of recommendations on how to…

  • What's in Your Privacy Policy?

    by Christopher Burgess on December 4, 2014

    The days of asking "Why do I need an entire policy about privacy?" are long gone. Users regularly evaluate the trade-off between how their information is being used and the cost to personal privacy. Every company needs to be upfront about how user data is being used, shared, and stored. What Does a Privacy Policy Look Like? A quick survey of well-known companies and their respective privacy…

  • And Then There Were None: Europe, the Internet, and the Right to Be Forgotten

    by John Linkous on October 20, 2014

    The European Court of Justice's ruling in May said that individuals have the "right to be forgotten" could fundamentally change Internet privacy and security. The case involved a Spanish attorney, Mario Costeja González, who was troubled that public notices were being posted in his local newspaper regarding the repossession and auction of his home. He appealed to the Court, which ruled that, …

  • Bitcoin and the Future of Crypto-Currency

    by John Linkous on September 23, 2014

    Break out your cryptographically-signed digital wallet and lay your bets: Where is Bitcoin going? As perhaps the best-known—but certainly not the sole—crypto-currency around, Bitcoin has certainly seen its share of media coverage in recent months. And like other hot-button subjects, Bitcoin seems to elicit strong reactions both for and against it. Some view it as a universal currency, free from…

  • Security Audit: The Pitfalls of Third-Party Assessments

    by John Linkous on September 9, 2014

    Everyone is aware of last year’s data breach at Target. Millions of records of cardholder data were stolen and Target is still recovering, with current costs at $148 million. What's not well-known, or openly discussed, is the behind-the-scenes conversations the company has had with its PCI assessor and the standards organization. The PCI Security Standards Council (SSC), consisting of major credit…

  • Supply Chain Security: What It Means on a Global Level

    by John Linkous on July 18, 2014

    Take a good, long look at your smartphone. While there is a big vendor name on the outside, if you were to open up its case, you would find several other vendor labels on various components: capacitive touchscreens; video and audio ASICs; Bluetooth and WiFi hardware; and individual capacitors, resistors, and other electronics gear building blocks, to name just a few, all of which are manufactured…

  • The FTC v. Wyndham Decision: A New Era or More of the Same?

    by Gib Sorebo on April 14, 2014

    The recent decision of the Federal Trade Commission v. Wyndham Worldwide Corporation reflected, for the first time, a court’s view on the Federal Trade Commission’s (FTC’s) authority to regulate cybersecurity under the Federal Trade Commission Act. The court concluded that (1) the FTC does have the authority to regulate cybersecurity under its authority in Section 5 of the FTC Act to address…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 28 Mar 2015 05:21:25 -0400.
© 2015 EMC Corporation. All rights reserved.