InfoconDB

Presented at DEF CON 16 (2008), Aug. 9, 2008, 5 p.m. (50 minutes)

Stories about the loss of sensitive data are becoming more common, and an untold number of others probably are not known because they were not covered by law or did not get the attention of regulators. A loss may happen when data is stolen or simply lost, or when a system is breached. Existing federal and state laws cover specific industries and prescribe particular responses, but pending legislative proposals threaten to expand coverage significantly. This presentation will discuss the relevant federal and state laws concerning disclosure of sensitive information. In addition, it will explore the elements of a plan for responding to a data loss and the considerations that occur should that plan have to be put into use. These plans, elements, and considerations are critical for addressing a data loss and for dealing with such disparate groups as regulators, the public, employees, and shareholders after your, and their, data is gone.

Presenters:

Don Blumenthal - DMB & Associates
Don Blumenthal is a professional with over 20 years proven experience in technology, law, and policy, and has worked on data breach matters from both the law enforcement and private sector sides. He is a consultant and attorney based in Ann Arbor, MI, specializing in data security and privacy issues, as well as other technology-related matters such as electronic discovery, spam, malware, and Internet evidence development. He also is a Senior Principal with Global Cyber Risk, LLC, of Washington, DC. In addition, Mr. Blumenthal is an adjunct professor in the University of Michigan School of Information and serves as a legal affairs SME for the Centre for Assurance Studies, a NSA Center of Academic Excellence in Information Assurance Education at the University of Detroit Mercy.

What To Do When Your Data Winds Up Where It Shouldn't

Presenters:

Links:

Similar Presentations: