Robert E. Braun and Michael A. Gold, co-chairs of JMBM’s Cybersecurity & Privacy Group, will participate as panelists on the webinar, What is Reasonable Information Security? Date: Thursday, April 23, 2020 Time: 10:00 AM – 11:30 AM Pacific Time Register Now JMBM’s cybersecurity lawyers, along with a cybersecurity consultant, a…
Articles Posted in Policies and Procedures
Hotels and the California Consumer Privacy Act — Loyalty Programs, Data Retention and the Brave New World of Privacy
CCPA: Hotel Loyalty Programs, Data Retention and the Brave New World of Privacy By Robert E. Braun This article first appeared in the Hotel Business Review and is reprinted with permission from www.HotelExecutive.com. The California Consumer Privacy Act (the “CCPA” or the “Act”) is a piece of consumer privacy legislation…
Ready, Set, Go. Your Essential Cheat Sheet for CCPA Compliance
As most (but not all) business know, the California Consumer Privacy Act of 2018 (the “Act” or “CCPA”) goes into effect January 1, 2020. It is estimated that more than 500,000 companies are subject to the CCPA, many of them smaller and mid-size businesses that may not have pre-existing robust…
Complying with the California Consumer Privacy Act in 5 (more or less) Not So Easy Steps: Part 3 – The Privacy Policy
Complying with the California Consumer Privacy Act in 5 (more or less) Not So Easy Steps Part 3 of a Series The Privacy Policy This is the third in a series of articles on complying with the California Consumer Privacy Act (CCPA). The CCPA is estimated to directly impact more…
Social Media Can Be Hazardous to Your Cybersecurity Health Part 2: Solutions
Public Service Announcement: Social media use increases your cybersecurity exposure. Share appropriately. If that were all it took. In my earlier post, I described how casual use of social media (that is, failure to take into account its impact on privacy and security) can put your company’s information security profile…
Overstate Your Cybersecurity at Your Peril – Lessons from the Equifax Data Breach
Looking back with the perspective of two years, the Equifax data breach still has many lessons to teach us. Unfortunately, some of the most important lessons are masked by the extremes of the errors that characterized the original breach, which include insider trading by top executives after the breach was…
Why is data security so hard in the hospitality industry? What can be done about it?
Written prior to Marriott International’s announcement on November 30, 2018 that a data breach exposed the private data of up to 500 million guests, Robert Braun, co-chair of JMBM’s Cybersecurity & Privacy Group, wrote the article Guest Privacy – It’s Your Business, published by HotelExecutive.com on December 2, 2018. In…
Data Breaches and Cybersecurity: What the hospitality industry can learn from the Marriott breach
Today’s revelation by Marriott International that a data breach exposed the names and personal details of over 500 million guests sent a shudder throughout the hospitality industry worldwide. Hoteliers know they are an appealing target for hackers as their databases contain identifying and financial information for very large numbers of…
Cyber Risk and Internal Accounting Controls: How Should Boards Respond?
The SEC warns public companies that lax cybersecurity practices could violate rules governing internal accounting controls, and offer nine scams as cautionary tales. The SEC has become increasingly active when it comes to cybersecurity. Last month, it issued an investigative report about Business Email Compromises (BCEs) involving nine public companies…
Cyber Resiliency: Designing for Disaster
Cybersecurity is a method to protect your data and systems. Cyber resiliency is a way of doing business in the face of the inevitable. When Hurricane Michael struck the Florida Panhandle earlier this month, it wiped away wide swaths of Mexico Beach, a coastal town on the Gulf of Mexico.…