Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

5/26/2009
10:33 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

White Paper: Data Breaches Continue, Yet Businesses Neglect Proper Security Measures

"The Legal Risks of Data Loss in the United States," a white paper commissioned by Becrypt, explores risks associated with losing data and other valuable and confidential information

ANNAPOLIS, M.D. " May 21, 2009 " Becrypt, a leading supplier of enterprise data security solutions, announced today the launch of a whitepaper titled, "The Legal Risks of Data Loss in the United States." Written by Robinson & Cole LLP, a law firm serving the legal interests of clients throughout the world, and commissioned by Becrypt, the whitepaper is designed to provide business owners and IT security personnel with an in-depth look at the realities of a data breach and how they can avoid falling victim to such an event. Specifically, the paper explores the many risks associated with losing data and other valuable and confidential information, presents an overview of relevant U.S. state and federal legislation, and offers best practices and guidance for companies to protect against data theft and loss.

"Businesses are increasingly becoming more accountable for protecting individuals' sensitive information," said Steven Bessellieu, CEO, Becrypt, Inc. "While this is great news for individuals, it often leaves businesses unsure of how exactly to comply with a new regulation or mandate. We developed this whitepaper with Robinson & Cole to help business owners faced with that dilemma and to alert them of the many consequences if they don't properly comply."

Despite the many massive breaches that make national headlines daily, companies still often do not take the necessary security measures to protect against them. The State of Oklahoma Department of Human Services experienced this first hand when a laptop was stolen last month from the car of an agency employee. The laptop held more than one million residents' names, addresses, home phone numbers and Social Security numbers " all of which were unencrypted. While incidents like this are bound to happen, companies can effectively protect themselves by preparing beforehand. In this case, if the information was encrypted, it could have potentially saved the department from further unnecessary scrutiny, the cost to remediate the situation, and the public relations nightmare that typically follows.

The incident at the State of Oklahoma Department of Human Services is just one of many breaches highlighted in the whitepaper that show the numerous ways businesses can be exposed to risk. While this event resulted from a lost laptop, disgruntled employees, carelessness and hacking are other common avenues for data theft. In addition to outlining particular incidents, this whitepaper also discusses state and industry-specific laws, such as The Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and The Gramm-Leach-Bliley Act ("GLB"), and highlights 10 simple steps businesses can take to put a security plan into action.

"When people think of a data breach, they almost automatically think of personal and confidential information being exposed, but often proprietary company information is also put at risk," said Kathleen Porter, partner, Robinson & Cole LLP. "Combined with the average cost of a data breach, which the Ponemon Institute estimates is $202 per individual record lost, such an event could put a small to medium-sized company out of business."

For more information on Becrypt or to view the whitepaper, visit https://www.becrypt.com/americas/Downloads/Whitepaper-Download/

About Becrypt Becrypt is a global leading supplier of innovative Information Assurance solutions and services, providing secure, feature rich, out of the box products that are government-certified and suitable for all industry sectors.

Becrypt is the largest supplier of encryption technology to the UK Government, Ministry of Defence and UK Police.

Becrypt plays a leading role in the Information Assurance industry through membership and participation in the Trusted Computing Group (TCG) and the Organization for the Advancement of Structured Information Standards (OASIS) where the company sits on the Key Management Interoperability Protocol (KMIP) committee. In addition, Becrypt currently chairs the Crypto Developers Forum (UK). Through technology and OEM partnerships the company enables third-party solutions with encryption and other data security capabilities.

Becrypt has offices in Annapolis, Maryland, USA, London, UK and Sydney, Australia serving clients worldwide.

For more information please visit: www.Becrypt.com, email [email protected], or call: (800) 775-0416.

About Robinson & Cole's Technology & Data Security Practice Offering comprehensive legal and business experience in transactional, regulatory and litigation matters, our practice serves vendors of technology and technology-enabled products and services around the world. Our global reputation as a market leader in protecting the North American legal interests of software suppliers, system integrators and professional services organizations is earned from nearly 30 years of experience helping technology clients achieve their strategic, financial and operational goals while protecting their valuable intellectual property. For more information, please contact partners Kathleen M. Porter at [email protected], Richard Green at [email protected] or attorney Benjamin Goldberg at [email protected] or visit www.rc.com.

Media contact Juliana Allen March Communications Tel: 617-960-9880 [email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16863
PUBLISHED: 2019-11-14
STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.
CVE-2019-18949
PUBLISHED: 2019-11-14
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.
CVE-2011-1930
PUBLISHED: 2019-11-14
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.
CVE-2011-1145
PUBLISHED: 2019-11-14
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVE-2011-1488
PUBLISHED: 2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent withi...