Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

5/26/2009
10:33 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

White Paper: Data Breaches Continue, Yet Businesses Neglect Proper Security Measures

"The Legal Risks of Data Loss in the United States," a white paper commissioned by Becrypt, explores risks associated with losing data and other valuable and confidential information

ANNAPOLIS, M.D. " May 21, 2009 " Becrypt, a leading supplier of enterprise data security solutions, announced today the launch of a whitepaper titled, "The Legal Risks of Data Loss in the United States." Written by Robinson & Cole LLP, a law firm serving the legal interests of clients throughout the world, and commissioned by Becrypt, the whitepaper is designed to provide business owners and IT security personnel with an in-depth look at the realities of a data breach and how they can avoid falling victim to such an event. Specifically, the paper explores the many risks associated with losing data and other valuable and confidential information, presents an overview of relevant U.S. state and federal legislation, and offers best practices and guidance for companies to protect against data theft and loss.

"Businesses are increasingly becoming more accountable for protecting individuals' sensitive information," said Steven Bessellieu, CEO, Becrypt, Inc. "While this is great news for individuals, it often leaves businesses unsure of how exactly to comply with a new regulation or mandate. We developed this whitepaper with Robinson & Cole to help business owners faced with that dilemma and to alert them of the many consequences if they don't properly comply."

Despite the many massive breaches that make national headlines daily, companies still often do not take the necessary security measures to protect against them. The State of Oklahoma Department of Human Services experienced this first hand when a laptop was stolen last month from the car of an agency employee. The laptop held more than one million residents' names, addresses, home phone numbers and Social Security numbers " all of which were unencrypted. While incidents like this are bound to happen, companies can effectively protect themselves by preparing beforehand. In this case, if the information was encrypted, it could have potentially saved the department from further unnecessary scrutiny, the cost to remediate the situation, and the public relations nightmare that typically follows.

The incident at the State of Oklahoma Department of Human Services is just one of many breaches highlighted in the whitepaper that show the numerous ways businesses can be exposed to risk. While this event resulted from a lost laptop, disgruntled employees, carelessness and hacking are other common avenues for data theft. In addition to outlining particular incidents, this whitepaper also discusses state and industry-specific laws, such as The Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and The Gramm-Leach-Bliley Act ("GLB"), and highlights 10 simple steps businesses can take to put a security plan into action.

"When people think of a data breach, they almost automatically think of personal and confidential information being exposed, but often proprietary company information is also put at risk," said Kathleen Porter, partner, Robinson & Cole LLP. "Combined with the average cost of a data breach, which the Ponemon Institute estimates is $202 per individual record lost, such an event could put a small to medium-sized company out of business."

For more information on Becrypt or to view the whitepaper, visit https://www.becrypt.com/americas/Downloads/Whitepaper-Download/

About Becrypt Becrypt is a global leading supplier of innovative Information Assurance solutions and services, providing secure, feature rich, out of the box products that are government-certified and suitable for all industry sectors.

Becrypt is the largest supplier of encryption technology to the UK Government, Ministry of Defence and UK Police.

Becrypt plays a leading role in the Information Assurance industry through membership and participation in the Trusted Computing Group (TCG) and the Organization for the Advancement of Structured Information Standards (OASIS) where the company sits on the Key Management Interoperability Protocol (KMIP) committee. In addition, Becrypt currently chairs the Crypto Developers Forum (UK). Through technology and OEM partnerships the company enables third-party solutions with encryption and other data security capabilities.

Becrypt has offices in Annapolis, Maryland, USA, London, UK and Sydney, Australia serving clients worldwide.

For more information please visit: www.Becrypt.com, email [email protected], or call: (800) 775-0416.

About Robinson & Cole's Technology & Data Security Practice Offering comprehensive legal and business experience in transactional, regulatory and litigation matters, our practice serves vendors of technology and technology-enabled products and services around the world. Our global reputation as a market leader in protecting the North American legal interests of software suppliers, system integrators and professional services organizations is earned from nearly 30 years of experience helping technology clients achieve their strategic, financial and operational goals while protecting their valuable intellectual property. For more information, please contact partners Kathleen M. Porter at [email protected], Richard Green at [email protected] or attorney Benjamin Goldberg at [email protected] or visit www.rc.com.

Media contact Juliana Allen March Communications Tel: 617-960-9880 [email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/27/2020
The Problem with Artificial Intelligence in Security
Dr. Leila Powell, Lead Security Data Scientist, Panaseer,  5/26/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8603
PUBLISHED: 2020-05-27
A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or ...
CVE-2020-8604
PUBLISHED: 2020-05-27
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations.
CVE-2020-8605
PUBLISHED: 2020-05-27
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability.
CVE-2020-8606
PUBLISHED: 2020-05-27
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.
CVE-2020-11075
PUBLISHED: 2020-05-27
In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an authenticated user via a...