Annualized percentage of the cost of cyber crime for companies in the United States as of June 2014:
23%: Malicious Code
18%: Denial of Service
14%: Web-based Attack
13%: Phishing Attack
Think an antivirus program is a sufficient safeguard to protect your customer's data?
Think again
A majority of data breaches at businesses no longer occur through direct hacking of business systems. Rather, they occur through carefully orchestrated social engineering attacks or through breaches in physical security.
Do you back up your data?
Where do you keep the backup disk?
Somewhere on a shelf?
If your business collects customer information, you are subject to a myriad of federal regulations.
YOU are also financially responsible if a data breach originating from your company results in fraudulent charges.
PCI Compliance
PCI Compliance is the set of standards that act as the 'Terms & Conditions' for being able to accept credit card payments. Visa, MasterCard, American Express and Discover joined forces in 2004 to form the Payment Card Industry Security Standards Council (PCI SSC), which pushes the responsibility for credit card theft down to the transactional level. Firewalls aren't enough to keep your business compliant, and all requirements in PCI DSS v3.0 must be met. If card information is hijacked from your business while it is not PCI compliant, your business is legally obligated to reimburse the card provider for every dollar stolen. Assero specializes in helping businesses attain PCI Compliance.
HIPAA & HITECH
HIPAA imposes regulations on health insurers, employer-sponsored health plans, health care clearinghouses, and medical service providers; these "covered entities" are obligated to keep "Protected Health Information" (PHI) private. If an entity fails to prevent PHI from being disseminated, such as in the case of an electronic breach or attack, the entity can potentially be fined $100 per day per individual affected.
A breach can also be used as a basis for a state civil suit. HITECH extends the PHI protection obligations and penalties to the "business associates" of covered entities. It additionally mandates full public disclosures of breaches and enables state attorneys general to bring suits against entities that are not compliant with HIPAA and/or HITECH.