In the wake of some extreme weather during 2011 (earthquakes, tsunamis, tornadoes, hurricanes, and mudslides), what better time to review your disaster recovery and business continuity (DR/BC) solution and planning processes? In some cases, DR/BC planning is a legal or regulatory requirement, but even where it is not, common sense…
Sourcing Speak
Accounting for Cyber Security Part Four – Auditing Cloud Providers’ Security
Because evaluating a service provider’s security posture is more challenging in the cloud, in Part Three of this article we looked at ways to evaluate a cloud service provider’s security prior to signing the contract and some of the issues between customers and suppliers created by the SEC Guidance. In…
Accounting for Cyber Security Part Three – Cloud Service Providers and ISO 27001
In Parts One and Two of this article we discussed the new Guidance issued by the Securities and Exchange Commission (SEC) Division of Corporation Finance that provides guidance to companies with regard to whether and how a company should disclose the impact of the risk and cost of cybersecurity incidents…
Clouds: Behind the Scenes
With cloud services now obtaining as much press as the fallout from Kim Kardashian’s wedding, it seems safe to say that clouds are likely to be in the business forecast for the foreseeable future. A strong answer to every IT infrastructure manager’s prayers, cloud computing can provide both a scalable…
Binding Corporate Rules System under Review
Hot on the heels of the UK Information Commissioner’s approval of First Data’s binding corporate rules (BCRs), Viviane Reding, the Vice President of the European Commission and EU Justice Commissioner, has signalled reform of the BCR scheme aimed at making BCRs even more effective. BCRs are a way of ensuring…
First Data Corporation binding corporate rules approved
14 November 2011 saw First Data Corporation become the 11th entity to have binding corporate rules (BCRs) approved by the UK’s Information Commissioner’s Office (ICO). First Data Corporation is a global electronic commerce and payment processing company. As a payment processor, secure handling of data is at the heart of…
e-Commerce Risks during Cyber Monday and the Holiday Shopping Season
The holiday shopping season in the U.S. started in earnest on Black Friday (or even Thursday for some stores) and online shopping celebrates today with “Cyber Monday.” Contrary to popular belief that Black Friday is the day that retailers go from being in the “red” to being in the “black”…
Doing Business in Europe? Social Media Prosecution in Germany Flags Data Consent Problem
Do you transfer personal data from Europe to the US? Do you use cookies on a website aimed at European customers? Do you send marketing emails to Europe? Do you otherwise “process” data in Europe? Do you really have consent to process personal data? If any of these questions strike…
Accounting for Cybersecurity – (Part 2 of 4)
In Part One of this article, we looked at the Securities and Exchange Commission (SEC) Division of Corporation Finance’s recent release – CF Disclosure Guidance: Topic No. 2 – Cybersecurity (the “Guidance”), which is intended to provide guidance to companies on whether and how to disclose the impact of the…
Accounting for Cybersecurity – Part One
On October 13 the Securities and Exchange Commission (SEC) Division of Corporation Finance released CF Disclosure Guidance: Topic No. 2 – Cybersecurity (the “Guidance”), which is intended to provide guidance to companies on whether and how to disclose the impact of the risk and cost of cybersecurity incidents (both malicious…