News Updates
October 15, 2024 by Peter Sherek
Background: Marriott International and its subsidiary Starwood suffered a series of data breaches that ultimately exposed the personal data of 344 million consumers. These events spanned from November 2015 to September 2018. On October 9th, 2024, the FTC announced a settlement with Marriot International regarding the alleged violations to Section 5(a) of the Federal Trade […]
Read more »
October 3, 2024 by Peter Sherek
By Bryan Sevener, President/CEO, ValorTech In this post, we feature an article by our partner, ValorTech. ValorTech is one of our partners for Managed Detection and Response services and also offers a full suite of Information Technology products and services. In this article by ValorTech’s President and CEO, Bryan Sevener, you will learn how AI […]
July 24, 2024 by Peter Sherek
Our ever-connected digital world has recently been thrown into disarray. The CDK breach and CrowdStrike upgrade glitch stopped businesses and services in their tracks causing significant disruption and monetary impact. Implementing digital security is absolutely necessary, but developing a holistic approach that considers an all-hazards approach to business continuity and response capability is imperative. Recently, […]
June 25, 2024 by Peter Sherek
You have probably seen the headlines regarding the recent cyberattacks on prominent industry players. A leading DMS suspended operations because of a cyberattack, and two multi-rooftop dealerships recently reported cyberattacks. You have taken the first step in building your defenses by implementing the A2Safe Hub system, but even so, there are things you can do […]
June 17, 2024 / June 17, 2024 by Peter Sherek
Our lives are lived in the digital realm. We use computers, cell phones and tablets connected to the internet to do everything from buying groceries to doing our banking to finding our next vehicle. Each time we conduct business we share information about ourselves knowingly and unknowingly. Understanding how that information transaction takes place and […]
May 29, 2024 by Peter Sherek
Breaches will occur. Criminals must only be effective once; we must be effective all the time. Regulators understand this and take it into account when they decide whether to pursue regulatory action. What’s often overlooked is the likelihood of class action lawsuits even when state or federal regulators choose to not pursue action. Since 2018, […]
February 29, 2024 by Peter Sherek
Now that you have written your Information Security Incident Response Policy and Incident Response Plan, it’s time to exercise your plan to make sure everyone knows their roles and that you have not missed a critical aspect of responding to an incident. This is often referred to as a Tabletop Exercise. Tabletop exercises can be […]
February 20, 2024 by Peter Sherek
Third parties are people or organizations with whom you share your data or allow access to your information systems to support business activities. These can be service providers, partners, suppliers, and vendors. The level of access and type of data shared with a third party will help you prioritize who you must engage in your […]
February 14, 2024 by Peter Sherek
No information shared in this document should be considered legal advice. It is offered for general reference. Any final decisions should be made after consulting your legal counsel. Purpose of the Act: The act requires Corporations operating in the US to identify the owners or those with significant stake in a company to the federal […]
January 18, 2024 / January 19, 2024 by Peter Sherek
The CARS rule has an exemption for Motorcycle dealers, RV dealers and Marine dealers. Does this mean they are no longer bound by the FTC safeguards rule? Short Answer: NO! The Combating Auto Retail Scams (CARS) trade regulation rule falls under the authority of the Dodd-Frank Wall Street reforms, the Consumer Protection Act of 2010 […]
October 27, 2023 / January 18, 2024 by Ben R
The FTC has approved a new amendment to the Safeguards Rule that requires non-banking institutions to report certain data breaches and other events to the agency in the event they occur. This change will now require businesses outside the banking space, including motor vehicle dealers, to notify the FTC as soon as possible when a […]
