Digital Risk Management: Why Cyber Security Measures Aren’t Enough
Most companies of scale have cyber security measures in place – software solutions, policies and protocols, and regular assessments conducted by IT staff members around compliance and efficacy. With these measures in place, the executive management team might feel confident that their digital data is secure – until they’re blind-sided by crisis-inducing error or a data leakage event.
Featured article by Michael McQuinn, co-founder and CTO of Criterion 360
Encryption Not a Black and White Approach
What Anthem did or did not encrypt has been a topic of conversation ever since news of its massive breach of customers’ personal information broke last week. It appears that, in compliance with the Health Insurance Portability and Accountability Act (HIPAA), which doesn’t explicitly require encryption of customer data, Anthem did not encrypt the breached data, and a company spokeswoman has said that even if it had, that wouldn’t have protected the data because the hacker had admin-level access, according to a piece in The Huffington Post.
Michael McQuinn, co-founder and CTO of Criterion 360, points out in a piece on DataInformed that the fact is, “there will always be something:”
Article by Kachina Shaw, managing editor for IT Business Edge
Digital Risk Management: Why Cyber Security Measures Aren’t Enough
Most companies of scale have cyber security measures in place – software solutions, policies and protocols, and regular assessments conducted by IT staff members around compliance and efficacy. With these measures in place, the executive management team might feel confident that their digital data is secure – until they’re blind-sided by crisis-inducing error or a data leakage event.
Featured article by Michael McQuinn, co-founder and CTO of Criterion 360
