Our security technology and experts identify signs of potential insider threats, such as unauthorized access or policy compliance issues.
We provide security reports detailing critical security events, threats, vulnerabilities and top offenders to ensure you have the total situational awareness of your enterprise.
State governments have attempted to improve cybersecurity by increasing public visibility of firms with weak security. In 2003, California passed the Notice of Security Breach Act which requires that any company that maintains personal information of California citizens and has a security breach must disclose the details of the event. Personal information includes name, social security number, driver’s license number, credit card number or financial information. Several other states have followed California’s example and passed similar security breach notification regulations. This security breach notification regulations punish firms for their cybersecurity failures while giving them the freedom to choose how to secure their systems. Also, this regulation creates an incentive for companies to voluntarily invest in cyber security to avoid the potential loss of reputation and the resulting economic loss that can come from a successful cyber-attack.
In 2004 the California State Legislature passed California Assembly Bill 1950 which also applies to businesses that own or maintain personal information for California residents. This regulation dictates that businesses maintain a reasonable level of security and that these required security practices also extend to business partners. This regulation is an improvement on the federal standard because it expands the number of firms required to maintain an acceptable standard of cybersecurity. However, like the federal legislation, it requires a “reasonable” level of cyber security, which leaves much room for interpretation until case law is established.