7. Illinois’ data breach statute is known as the Personal Information Protection Act, 815 ILCS 530
A breach is defined as “unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by the data collector.”
8. Access v. Acquisition of Data
• What is the difference?
• What legal obligations may be triggered?
9. IL’s Definition of Personal Information
"Personal information" means either of the following:
(1) An individual's first name or first initial and last name in combination with any one or more of the following data elements:
(A) Social Security number.
(B) Driver's license number or State identification card number.
(C) Account number or credit or debit card number, or an account number or credit card number in combination with any required security code, access code, or password that would permit access to an individual's financial account.
(D) Medical information.
(E) Health insurance information.
(F) Unique biometric data.
(2) User name or email address, in combination with a password or security question and answer that would permit access to an online account.
10. Notification Obligations Under PIPA
• Any data collector that owns or licenses personal information concerning an Illinois resident shall notify the resident at no charge that there has been a breach of the security of the system data following discovery or notification of the breach.
• The disclosure notification shall be made in the most expedient time possible and without unreasonable delay, consistent with any measures necessary to determine the scope of the breach and restore the reasonable integrity, security, and confidentiality of the data system.
11. Attorney Specific Obligations
• IL.S.Ct.R. 1.6
– (a) A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent, the disclosure is impliedly authorized in order to carry out the representation…
– (e) A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.
12. What can you do to protect your org?
• Incident Response Plan
• Cyber Liability Insurance
• Safeguards
– Technical
– Administrative
– Physical
13. Incident Response Plans
• What is the purpose?
• What information should be included?
• Why is it important to have an IRP in place?
• How will an IRP assist you in responding to a cybersecurity event?
• Who can prepare an IRP for you?
14. Cyber Liability Insurance
• Most malpractice policies will not cover a data security incident, because it is excluded as relating to the operation of a business rather than to the rendering of professional services.
• Coverage needs to be adequate.
• Make sure that coverage includes ransomware payments.
• Look for whether the insurer provides legal and forensic panel vendors as well as a 24/7 hotline to report incidents.
• Consult with an insurance broker and inquire as to the aggressiveness of the insurer in coverage of data security incidents.
20. Contact Information
• Kevin Rubin
• Email: krubin@stratnet.com
• Tel: (847) 440-8622
• Joel Bruckman
• Email: jbruckman@freeborn.com
• Tel: (847) 997-3475
• Jesse Miller
• Email: JMiller@stratnet.com
• Tel: (763) 270-1821
Editor's Notes
In early 2018 the company saw a hole in the cybersecurity landscape, where most products and services were geared and priced toward the enterprise but compelling solutions for the SMB market were lacking.
Stratosphere had long partnered with leading security firms such as Trustwave and Dell SecureWorks, but those solutions did not fit the needs we saw in our customer base.
So a decision was made to develop our own managed security services practice, or MSSP.
The team spent the better part of 2018 and early 2019 selecting the tools and developing the services around a managed security offering.
In 2019 the business was launched and we began offering risk assessments to our existing customers and some external clients.
Those assessments produce a detailed risk score based on a combination of the NIST and CIS control frameworks, as well as a cyber security roadmap tailored to each client.
Since launching in 2019, Stratosphere has onboarded several clients to the fully managed security platform and now manages over 1,000 endpoints on our platforms.
We have carried out over 50 Quarterly Risk Reviews and continue to refine our practice as we learn and grow.
Brand loyalty is not what it used to be; clients are more likely to make a change after a breach.
Clients will see value in your firm’s investment in cyber and view that as an investment in keeping their data secure.
One breach is all it takes, but money and tools alone are not enough; you need the expertise and processes behind them (InfoSec & SOC services).
From the initial security assessment, we get our baseline, and then as we implement solutions based on your roadmap we continuously reevaluate your level of risk.
Previously the main targets were in healthcare, where data was stolen and sold; now any company is a target because all companies value their own data (ransomware).
We are not here to recommend one silver bullet solution; we are recommending a set of solutions AND services.
Reputation damage
Halt operations
Malware spreads
E.g., Outlook contact breach
The less obvious risks exist below the surface in the many GBs of log files and other data points generated each day on each PC, server, Office 365 account, etc.
Our tools collect all of that data, run it through AI engines, and correlate different events and data points to more quickly identify indicators of compromise.
But tools alone, no matter how good, are not sufficient. Effective cyber security requires dedicated trained professionals utilizing proven processes to drive down cyber risk.