With cybersecurity becoming a topic of ever-increasing visibility and importance, information security professionals ask what protection they have when they make potentially unpopular disclosures of cybersecurity issues. Though no whistleblower retaliation statute deals directly with the topic, the Sarbanes-Oxley Act will often protect cybersecurity professionals who work directly for public corporations or those corporations’ service providers. Yet further, the Dodd-Frank Act could allow information security workers to receive a whistleblower reward for reporting cybersecurity concerns to the SEC or CFTC, in some cases.
However, the relationship among cybersecurity issues, SOX, and the Dodd-Frank Act is not yet clearly defined. Accordingly, information security professionals should educate themselves about whistleblower protections. Doing so could make the difference between being protected, receiving a whistleblower reward, or suffering retaliation without recourse.
- See more at: http://www.natlawreview.com/article/protections-and-rewards-cybersecurity-whistleblowers#sthash.Nu5uovJe.dpuf
BlackBerry is not the smartphone powerhouse it used to be, but it’s been making a concerted effort to hold on to its position as a go-to place for enterprise customers, specifically in highly secure environments. As part of that strategy, today the company announced that it has acquired Encription Ltd, a cybersecurity consultancy that delivers services globally but operates “from a secure location in Worcestershire” in the UK. BlackBerry says will be using the acquisition to help it kickstart a new consulting business, Professional Cybersecurity Services.
Building out its services business could also help set BlackBerry up for a future where it may even work with businesses on more general IT, cutting out the question of a BlackBerry smartphone business altogether.
Terms of the deal, which BlackBerry says was completed February 19, were not disclosed. It does not appear that Encription ever raised venture funding.
BlackBerry is launching Professional Cybersecurity Services, it seems, for two primary reasons.
The first is that BlackBerry still has customers in segments like the government and other secure organizations like financial services, healthcare and the oil industry. And while the smartphone maker has lost out to Android makers like Samsung’s Knox, and Apple’s iPhone among many business customers, the government and organizations with high regulatory compliance are part of a category where BlackBerry remains relatively strong.
BlackBerry says it has some 70 government certifications and approvals, the largest amount of any other mobile vendor, with contracts with all G7 governments, 16 of the G20 governments, 10 out of 10 of the largest global banks and law firms, and the top five largest managed healthcare, investment services, and oil and gas companies.
For now, these ties are based around its own BlackBerry handsets, but tying itself deeper into the services that run both on BlackBerry phones as well as other devices means that BlackBerry can bid for business regardless what handset gets adopted.
And it’s no coincidence that this is also a segment where Encription also has many customers.
“BlackBerry is the gold standard when it comes to security and we’re always evolving to maintain this high standard as the complexity of enterprise mobility and security increases,” said John Chen, Executive Chairman and CEO, BlackBerry, in a statement announcing the acquisition and new consultancy practice. “We recognize that security vulnerabilities are a top risk concern for public and private sector organizations alike. The creation of our Professional Cybersecurity Services practice and acquisition of Encription reinforces our commitment to providing customers the industry’s most secure mobility solutions and helping them to assess and mitigate risks.”
Read Full Article