What are people seeing for data breach protection in a vendor contract? Especially interested in hearing about contracts that involve personal data, but not sensitive personal data. Are you getting/giving indemnification for breaches? I know this can vary depending on the circumstances, but would appreciate hearing what people are experiencing right now.

Our going rate is to implement a $10M LoL although that number should probably be higher

Wow. Your company must be a big customer. No way we would provide that for our regular customers

Our company has run of the mill personal data (non sensitive CCPA or GDPR). Not a huge company but I routinely have to give an indemnity for security breaches caused by our negligence. Worst case I gotta delete the negligence qualifier. I’d say half the companies agree to the negligence qualifier.

I try not to indemnify for breach of infosec exhibit (you can have a security breach without breaching infosec).

Then for cap, typically separate super cap ranging from 3-5x fees paid usually minimum of 1 mil.


