Sensitive data falls into two broad categories: regulated and unregulated data. Regulated data is always sensitive, though to varying degrees, and should always be classified. The vast majority of unregulated data (which includes all publicly known information) is not always sensitive. However, unregulated data can also include highly sensitive information (e.g., company confidential data, intellectual property or sensitive data unique to the organization), so you must apply your data classification process…
On-Demand Webinar Recap: U.S. State Data Protection Law Roundup for 2018 To combat ongoing security breaches and risks, many states have sprung into action, adding and amending statutes and standards during 2018. With the public’s most personal and confidential information on the line, a growing number of states refuse to wait for the federal government to take action. In a recent webinar, Scott Giordano, our VP of Data Protection and…
Recently, Scott Giordano, our VP of Data Protection, presented a webinar detailing changes and additions to the California Consumer Privacy Act (CCPA). Signed into law on June 28, 2018, the CCPA represents the most demanding state privacy regulation in the United States. To watch the webinar on-demand, click here. Here’s a quick overview of Scott’s presentation and analysis of CCPA: What is CCPA? Commonly known as California’s version of the…
(by Todd Feinman, Spirion Co-Founder and Chief Strategy Officer) The holiday season is upon us and the bright lights and greenery aren’t the only indicators that we’ve reached December. Sadly, data breaches often occur at this time of year. Recently we’ve seen major news stories about breaches at Starwood Hotels and Quora. Last year, at this time, it was announced that there was a significant privacy leak at eBay affecting…
One way to try and determine how sensitive certain data is, and therefore how it should be classified, is to think about how the loss of the confidentiality, integrity, or availability of that information would impact your organization. The following table is taken from Federal Information Processing Standards (FIPS) publication 199 published by the National Institute of Standards and Technology (NIST). It provides a framework for determining the impact that can be…
Take a look at the link below for access to Spirion’s new white paper detailing everything you need to know about the new California Consumer Privacy Act of 2018 Everything you Need to Know About the California Consumer Privacy Act of 2018 Signed into law on June 28, 2018, the California Consumer Privacy Act of 2018 (CCPA) represents the most stringent state privacy regulation in the United States. Billed as the California…
We are excited to announce that we will be hosting booth 101 and a happy hour event at Black Hat 2018 at Mandalay Bay, Las Vegas. Come meet the Spirion Team at booth 101 and join us for complementary beverages, wine, beer and appetizers at Michael Mina’s Stripsteak. Now in its 21st year, Black Hat USA is the world’s leading information security event, providing attendees with the very latest in research,…
23 NYCRR Part 500 became effective on March 1, 2017. The New York Department of Financial Services (NYDFS) requires banks, insurers and other financial services companies to set up a cybersecurity program aimed at protecting consumer information from being compromised or stolen. The impact of the regulation is much broader than just New York State as it applies to any organization with a presence in New York and may even…
Locating and Managing EU Personal Data for GDPR Compliance Spirion recently hosted a live webcast discussion on the topic of “Locating and Managing EU Personal Data for GDPR,” featuring a panel of security experts, comprised of: Colin Anderson, global CISO of Levi Strauss & Co.; Todd Feinman, founder and CEO of Spirion; Scott Giordano, privacy attorney and director at Robert Half Legal; and, Justin Suissa, principal at infoedge. In this…
(by Todd Feinman, CEO and Founder of Spirion) My team thought others would be interested in a memo that I sent to some friends and colleagues. The memo follows: I have received an overwhelming number of requests for information about what to do since the Equifax leak of 143 million SSNs was disclosed. I’ve tried to summarize those questions to help you protect yourself, your family, and your business. If…