This week’s article is the last article in our ongoing weekly series, “Cyber Insurance Compliance Insights from FTC Investigations” that reflected on the FTC’s “Stick with Security: Insights into FTC Investigations” blog series. Our blog series provided a recap of the FTC’s weekly data security blog (that has since ended) and how these measures can help companies demonstrate cyber insurance compliance. For companies looking to obtain cyber insurance it is essential to be able to effectively demonstrate baseline security measures have been implemented. If you haven’t read our weekly blog series, please start with our first article Cyber Insurance Compliance Insights from FTC Investigations and then navigate the series by clicking at the bottom of every weekly article.
To date, the FTC has filed more than 60 actions alleging that companies engaged in deceptive or unfair practices related to data security. While the complaints and orders apply just to those companies that have been the subject of the FTC cases, wise companies understand that every FTC action offers an across-the-board insight.
Brochures for Business
- Where to start. Protecting Personal Information: A Guide for Business is a primer on creating a data security plan for your company. Built on five fundamentals – Take stock, Scale down, Lock it, Pitch it, and Plan ahead – Protecting Personal Information offers a nuts-and-bolts approach applicable to any business.
- For more detail. Start with Security looks at FTC law enforcement actions and distills the cases down to 10 compliance lessons. (Our Stick with Security blog series focuses on those same 10 lessons, but also factors in recent cases, closed investigations, and questions and comments we’ve heard from businesses.)
- In case a breach happens. Data Breach Response addresses the steps to take if a breach has occurred. Experienced executives will tell you the best time to read it is before you need it.
The FTC has an extensive video library in which companies can incorporate these videos into in-house training or showing them at your next staff meeting. It’s a 3-minute investment that could pay dividends in the form of a more security-conscious workforce.
For solo entrepreneurs or companies with just a few employees, the FTC’s Small Business site features resources written with you in mind. For bigger companies, it can’t hurt to review this list provided by the FTC, Small Business Computer Security Basics which breaks it down with just-the-facts guidance about protecting your files and devices, safeguarding your wireless network, and responding if you’ve been the target of malware or a hack attack.