Download presentation
Presentation is loading. Please wait.
1
w w w. d u a n e m o r r i s. c o m Duane Morris - Firm and Affiliate Offices New York | London | Chicago | Houston | Philadelphia | San Diego | San Francisco | Boston | Washington, D.C. Atlanta | Miami | Pittsburgh | Newark | Allentown | Wilmington | Harrisburg | Princeton | Westchester Duane Morris LLP - A Delaware limited liability partnership © 2005 Duane Morris LLP. All Rights Reserved. Duane Morris is a registered service mark of Duane Morris LLP. Navigant Legal Roundtable What You Must Know About IT Security and Privacy Law June 29, 2005 Sandra Jeskie, Esq. – jeskie@duanemorris.com Joseph Burton, Esq. – jmburton@duanemorris.com Michael Silverman, Esq. – mjsilverman@duanemorris.com
2
2 What Needs to be Protected? Types of information: –Trade secrets –Copyrighted information –Proprietary and/or confidential information –Customer data –Employee health care information –Pricing information
3
3 What Needs to be Protected? Legal Issues –COPPA –GLB –HIPAA –Sarbanes Oxley –Critical Information Infrastructure –SB 1386 –European Union Requirements –Others
4
4 What are the Data Management Risks? Top Ten Risks by IT Security Threat –Viruses and Worms7.6 –Outside Hacking or Cracking7.1 –Identity Theft and Phishing7.0 –Spyware6.8 –Denial of Service6.6 –Spam6.3 –Wireless and Mobile Device Viruses6.2 –Insider Threats6.2 –Zero Day Threats5.9 –Social Engineering5.9 –Cyber-Terrorism5.6 Respondents rate how critical each of the above security threats is to their organization (“1” means no concern at all; “10” means extremely concerned). Conducted in May 2005, the survey included responses from 133 North American organizations with global operations and revenues exceeding $750 million. Six of 10 surveys were completed by IT managers, with 91% overall answered by employees in IT departments. Source: Gartner Group Study, June 2005.
5
5 What are the Data Management Risks? Employees New Technologies Bad guys Outsourcing, service providers, business partners Errors Chocolate –BBC 2004 survey of London commuters 70% would reveal their computer passwords for a chocolate bar. 34% volunteered their passwords without being bribed.
6
6 What Needs to be Done to Protect the Data? Privacy Policies Security Policies Document Retention Programs Operational Safeguards Agreements with Business Partners Audits Education
7
7 What Happens When the Data Gets Out? Reporting Requirements –SB 1386 –SOX –CII Civil Liability Criminal Liability Incident Response/Mitigation Plans
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.