Information Security Compliance: Risks and Consequences

What does the MN Department of Commerce say about your security risk. Who is responsible? What do we need to do to avoid costly fines?

A lost unencrypted laptop might cost your organization $1,500,000 and much more JUST because you didn’t have a (legally required) service provider agreement in place.

Imagine the FTC agents have just arrived, your business is being accused of having been breached, and a vendor of yours may have been involved! “Show us your WISP (written information security program).” “Do you know what a service provider agreement is?” “Show us the Service Provider Agreement you have with Tony’s KindaGood DataCenter.” “When was the last time you had a full information security assessment?” “How often are your employees trained on information Security?” “Have you heard about our 20 year consent orders?” “Tell us about your vendor risk management program for vendors who touch your private data?”

Mathew Vatter, Assistant Commissioner for Enforcement at Minnesota Department of Commerce will outline the consequenses of not taking proactive steps to avoid breach and also explaine the consequenses if certain maditory pro-active measures are not complied with.

Next, Greg Pfleider from RiskSmart Advisors will outline neccessary steps to protect against the consiquences.

We are sure there will be a very lively Q & A session following the first 60 to 75 minutes of the program so please join SIM Minnesota and invite a guest to register.