This book includes a plain text version that is designed for high accessibility. To use this version please follow this link.
Do You Have a Data Breach Response Plan?


Heather Henstock


Target stores’ massive data breach that exposed the personal data of more than 10 million customers during the holiday shopping season last year represents only the tip of the data security iceberg. Records and information management companies, charged with the safe storage of vast amounts of personal and private information, take measured steps to avoid such breaches. They also need data breach response plans in the event that a breach or suspected breach occurs—because it most likely will.


More than 1 million data breaches occurred worldwide during the first quarter of 2014, according to the Ponemon Institute, Traverse City, MI. This number is the first on record for the institute, which conducts independent research on privacy, data protection, and information security policy. (See the accompanying article on the following page.)


Data protection company SafeNet Inc., Baltimore, MD, also recorded significant data breach events in the first 3 months of the year. The company’s SafeNet Breach Level Index (BLI) tracked more than 254 publicized data breaches, representing


“Most data breaches that occur are internal. They’re not


malicious. They’re negligent. ” —Dr. Ross Federgreen


2


200 million lost or stolen data records worldwide. These numbers represent a 233% increase over the first quarter of last year. Of the 254 data breaches that occurred during the quarter, only 1% were “secure breaches,” in which strong encryption, key management, or authentication solutions protected the data from being used, according to the SafeNet press release. “It touches every type of business. It’s absolutely universal, and the arrow is only going up,” said Dr. Ross Federgreen, CEO and founder, Compliance Solutions and Resources (CSR). Federgreen will be presenting “Building a Data Breach Tool Kit” at PRISM International’s Data Protection Conference September 18–19 in Rosemont, IL.


Data breach numbers are multiplying not only because the number of occurrences has increased, but also because the type of data considered private personal information has expanded. Far more than names, addresses, and Social Security numbers, private information extends to facial recognition, fingerprints, biological data, biometric data, genetic information, and more. “One of the big issues is your genetic information,” Federgreen said. “If someone gets ahold of your genetic information, it may affect insurance rates, employability, or military eligibility.”


As data breach numbers skyrocket, so do associated businesses. “Cybersecurity insurance is the fastest-growing insurance category,” Federgreen said. He also points out that data security compliance departments are the fastest-growing departments for most companies. With the explosive growth of data security problems, where is the silver lining?


PRISM International


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28