The relationship between proper data handling and real risk reduction.
Those who listened to the November 19th, 2022 podcast I did with breach attorney Spencer Pollock know that he stated that 90% of the breaches he was involved in over the prior 12-month period would have been non-reportable had the data been properly encrypted.
https://qpcsecurity.podbean.com/e/what-you-must-do-in-order-to-prepare-…
(Review link above for attestation and regulatory enforcement proof.)
I have three major points for you in this show.
- You need an IRP
- You need a CvCISO
- And you need to understand how data is being handled in your organization