Series: Benchmarking your privacy incident management program

This series written for The Privacy Advisor by the team at Radar is about establishing program metrics and benchmarking your privacy incident management program. Radar provides purpose-built software designed to guide users through a consistent, defensible process for incident management and risk assessment. A significant volume of incidents involving regulated personal data is processed through the Radar platform, and that number grows every day. The Radar team will provide analysis of data incidents’ metadata in an effort to help privacy pros gain valuable insights, benchmarking metrics, and best practices to use at your organization in your continuous efforts in preventing, monitoring, and remediating incidents and associated risks. 

Beyond data breach: Why every incident matters

Alex Wall, CIPP/E, CIPP/US, CIPM

What is an incident? How do you know when it is a data breach and requires notice? Understanding how to label privacy occurrences can determine which departments should be involved, what actions should be taken, if notification is required and when.

Data protection is a team sport: Benchmark data tells the story

Mahmood Sher-Jan

Once armed with the knowledge from part one of this series, the next metric many organizations will want to establish involves risk mitigation. And this makes sense, assuming that if you have a clear vision of what has helped or hindered your organization’s privacy measures in the past, you will be able to continue with what works and identify existing gaps.

Surprising stats on third-party vendor risk and breach likelihood

Mahmood Sher-Jan

In this installment of the series, Sher-Jan explores an issue becoming more widely reported as companies react to recent large-scale data breaches and make preparations for compliance with the EU GDPR: managing the risk of incidents caused by third-party vendors.

Check back soon for more installments.

From incident to discovery to breach notification: Average time frames

Mahmood Sher-Jan

In this installment of the series, Sher-Jan explores an issue becoming more widely reported as companies react to recent large-scale data breaches and make preparations for compliance with the EU GDPR: managing the risk of incidents caused by third-party vendors.

How does your privacy program measure up? New Year's resolutions

Alex Wall, CIPP/E, CIPP/US, CIPM

As the calendar year comes to a close, many of us in the privacy field find ourselves tending to year-end tasks, planning for the start of a fresh first quarter, and reflecting on the last 12 months of work. Year-end program statistics are gathered, budgets for the next year loom on the horizon, and measuring and demonstrating the efficacy of your compliance program to internal and external stakeholders becomes top of mind. In short, this is an excellent time to consider privacy program metrics. Alex Wall has some tips in this ongoing series on data-based benchmarking for The Privacy Advisor.

Was 2017 the 'year of the breach?'

Mahmood Sher-Jan

Have you noticed that every January you start seeing articles touting the previous year was the worst year on record for data breaches? 2016 was cited as a “record year for breaches,” and 2017 has already earned the moniker “the year of the breach,” but then again, so did 2015, 2014 and 2013. What’s worse, we’re told to brace for impact on what’s to come. In part, these warnings ring true. But how you manage future data breach incidents can mean a world of difference in establishing a mature incident-response compliance program and reducing risk, writes Radar's Mahmood Sher-Jan in this ongoing series for The Privacy Advisor.