Commentaries and Analyses – Page 766

Does a presidential executive order on cybersecurity get a hotel chain off the FTC hook for its breaches?

Posted on March 14, 2013 by Dissent

I occasionally check the docket for FTC’s lawsuit against Wyndham over the multiple breaches they experienced. A story in my news reader today about how Ben Rothke of Wyndham Worldwide gave a talk on “The five habits of highly secure organizations” struck me as somewhat ironic, and I decided to see where the lawsuit stood. Of…

New U.S. Supreme Court Decision Will Likely Impact Data Breach Litigation

Posted on March 8, 2013 by Dissent

Rebecca J. Schwartz writes: On February 26, 2013, the United States Supreme Court in Clapper v. Amnesty International confirmed a demanding threshold showing for plaintiffs suing based on increased risk of harm in privacy-related. The decision effectively resolves a circuit split over the application of the Article III standing requirement in data breach cases. Plaintiffs must show that the…

ICO: Companies Laissez Faire over BYOD personal data

Posted on March 8, 2013 by Dissent

Antony Savvas reports: The Information Commissioner’s Office (ICO) says many employers “appear to have a laissez faire attitude” to allowing staff to use their personal devices for business, which may be placing people’s personal information at risk. ICO commissioned YouGov to question 2,150 UK adults, which found that almost half (47 percent) now use their…

Bank of America Gets A Burn Notice

Posted on March 8, 2013 by Dissent

Krypt3ia analyzes the BofA leak, which I had mentioned on this blog, here. Here’s a snippet from his post: One of the problems I have with the Paranoia analysis is that they take it to the conspiratorial level and make it out to be some pseudo CIA like entity. The reality though is that from…

The Words Organizations Use In Their Data Breach Notices

Posted on March 5, 2013 by Dissent

George Jenkins creates word clouds from breach notices over on I’ve Been Mugged.

Recent 10-Ks mentioning “cyber” incidents

Posted on March 5, 2013 by Dissent

Some interesting information compiled by Chris Walsh: Slides from his February 28, 2013 RSA presentation, “Infosec Intelligence And Regulatory Filings: An Investigation Of The Information Security Content Of Mandatory Sec Disclosures” are linked from this blog post, and A compilation of some recent 10-k disclosures can be found here.