Seeking input on proposed changes to the Gramm-Leach-Bliley Act’s Safeguards Rule, the Federal Trade Commission (FTC) conducted
The Federal Trade Commission (FTC) has been vaguely requiring financial institutions to use “reasonable” security controls since 1999. That is about to change.
HALOCK partner, Chris Cronin, will be participating as a panelist in the FTC Safeguards Rule Virtual Workshop. The session, “The Costs and Benefits of Information Security Programs”
As part of its enduring interest in LifeLock, Inc., the Federal Trade Commission issued the following statement on December 17, 2015: “PCI DSS certification is insufficient in and of itself to establish the existence of reasonable security protections … the existence of a PCI DSS certification is an important consideration in, but by no means […]
Author: Chris Cronin, ISO 27001 Auditor. The Third Circuit Court of Appeals announced on Monday, August 24, 2015, that the Federal Trade Commission is acting within its authority when it takes action against companies for poor data security practices. Take heed. You may be doing exactly what the FTC is complaining about.
Reasonable and Appropriate Data Security – An interesting case that the FTC filed recently (June 26, 2012) against a well-known hotel chain. (Names omitted for the purposes of this blog.) Notice the similarities to the PCI DSS requirements.