The Federal Trade Commission is expanding its efforts to help businesses protect consumers’ information through a new initiative that will provide them with more information on data security.
Called “Start With Security,” the initiative includes new guidance for businesses that draws on the lessons learned in the more than 50 data security cases brought by the FTC through the years, as well as a series of conferences to be held across the country, with the first event set for Sept. 9 in San Francisco.
“Promoting good data security practices has long been a priority for the FTC,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. “The new Start with Security initiative shares lessons from the FTC’s 53 data security cases. Although we bring cases when businesses put data at risk, we’d much rather help companies avoid problems in the first place.”
The first conference will take place Sept. 9 and be hosted and co-sponsored by the University of California Hastings College of the Law in San Francisco, and will be the first in a series of events held across the country aimed at small- and medium-sized businesses in various industries. The second event, co-sponsored by the University of Texas Robert C. Strauss Center for International Security and Law, is slated for Nov. 5 in Austin, Texas.
Aimed at start-ups and developers, the September event will bring together experts to provide information on security by design, common security vulnerabilities, strategies for secure development, and vulnerability response.
The business guidance, published today, lays out ten key steps to effective data security, drawn from the alleged facts in the FTC’s data security cases. The document is designed to provide an easy way for companies to understand the lessons learned from those previous cases. It includes references to the cases, as well as plain-language explanations of the security principles at play.
In addition to the new guidance, the FTC has also introduced a one-stop website that consolidates the Commission’s data security information for businesses. It can be found at www.ftc.gov/datasecurity.
The guidance builds on the advice the FTC has provided to businesses in other publications, including “Protecting Personal Information,” “Mobile App Developers: Start with Security,” and “Careful Connections: Building Security in the Internet of Things,” as well as ongoing posts on data security issues on the FTC’s business blog.
The new publication is available online, and print copies are available through the FTC’s publication bulk order site.
SOURCE: Federal Trade Commission