White Papers & Articles
When It Comes to PCI Data Breach Investigations, Organizations Are Well Served to “Declare Their Independence”
For many organizations, the specter of becoming a victim of a cyber attack—whether via criminal enterprises or malicious insiders—is no longer if, but when. As headlines show, virtually no organization is immune and the stakes are raised for any group, such as card brands, processors and merchants, that handles payment card information—just ask Global Payments, which was hit hard last year...
“It’s a Legal Matter” The Fine Line Between Expert Data Breach Guidance and Legal Advice
As a practitioner in Kroll’s cyber security group focusing on data breach response, I am regularly faced with a variety of client questions that arise during a data breach event: “Can you determine what data was exposed by the breach?”; “How long was the malware present on our network?”; and, “Can you determine what was on the laptop at the time it was stolen?” are all common. Kroll is well...
Over, Under, or Accurate Notification? Precise PII / PHI
When an information security incident occurs, organizations frequently turn to computer forensics to investigate and understand what happened. Indeed, forensics is often vital in determining the root cause of an information security incident, and preventing additional exposure. It’s also the first step toward being able to confirm the presence of lost or stolen Personally Identifying...
The Insider Threat: Why Chinese Hacking May Be the Least of Corporate Worries
The media has been saturated in recent months with news articles of Chinese hackers gaining access to U.S. corporate and government networks, carrying ominous warnings about the Chinese hacking menace and the threat it presents to U.S. business. In actuality, hacking of this type—where foreign hackers penetrate networks and stay there for long periods of time—is old news to the cyber security...
The 2012 HIMSS Analytics Report and Exclusive Webinar
Nearly 16 years after the enactment of the Health Insurance Portability and Accountability Act (HIPAA), a new report commissioned by Kroll Advisory Solutions suggests that providers continue to prioritize compliance over security at the expense of patient data. The 2012 HIMSS Analytics Report: Security of Patient Data, the third installment of the bi-annual survey of healthcare providers...
2012 Cyber Security Forecast eBook
If there’s one thing we learned from 2011, it’s that no one is exempt from attack. Some of the largest data breaches in recent history made news last year, sparking data breach dialogue around the world. Quite possibly the largest data breach ever ignited fears of widespread spear phishing. Advanced Persistent Threat attacks penetrated a respected security organization. And social...
2011 Data Security Forecast
The 2010 calendar year brought with it an onslaught of new regulatory requirements, technological advances and increased scrutiny in data privacy and security matters that have laid the groundwork for a significant shift in how businesses handle data security in the year ahead. Kroll’s Fraud Solutions division has released its data security forecast for 2011, highlighting the key areas where...
Top 10 Data Breach Questions
Knowing which questions to ask can be just as valuable as having the insight to answer them. What data was really compromised? Have you alerted your outside counsel? Our list tackles the critical questions any organization should be asking with insight into why these questions carry so much weight. Register below for immediate access to the Top 10 Data Breach Questions for...
HIMSS Patient Data Security Study
Register below to receive a copy of the 2010 HIMSS Analytics Report: Security of Patient Data, which examines data security practices at hospitals across the United States. The second in a series of bi-annual studies on this topic, the report follows the 2008 Kroll-HIMSS Analytics Report. A pool of 250 respondents, comprised of Senior IT Executives, Chief Security Officers, Health Information...
