We read it in the headlines all too often: “Facebook, PayPal Users Urged to Check Logins After Hacking,” “Sony Hacked Again; 25 Million Entertainment Users’ Data at Risk,” “Zappos Says Hacker May Have Accessed Info on 24 Million Customers,” and most recently, “MasterCard, Visa Warn of Credit Card Data Theft.”
The process of notifying affected populations in the event of a data breach is complex and littered with potential land mines – handled poorly, the notification can be a black eye for an organization and potentially open them up to regulatory fines or sanctions. Brian Lapidus and his team at Kroll have assembled the following advice for businesses to help them minimize their risk and simplify what has become a very challenging process.
For the next generation of enterprise security leaders, is there a clear path forward to success? Enterprise security leaders discuss mentorships, education, certifications and the skills new CSOs and CISOs will need to succeed in their evolving roles and bring value to the business. But the problem is: with existing security leadership roles varying so widely, is the development of a uniform skill set even possible?