Skip to content

Security Transparency Report Section (FTC v. Drizly (2022))

Use this to draft a section for an annual or ad-hoc transparency report covering security: requests received, incidents, and program highlights; supports accountability and stakeholder trust.

Purpose

This section provides a structured transparency narrative for FTC v. Drizly (2022), summarizing incident and governance context, program improvements, and measurable control progress for external stakeholders. It is designed for consistent recurring reporting.

Hallucinated writing examples

Scenario: In an illustrative period after the FTC consent order addressing Drizly security-program deficiencies (time), the Security Director (role) prepares a security transparency report section (type) for leadership stakeholders (audience).

SECURITY — TRANSPARENCY REPORT SECTION (DRAFT)

Reporting period: January 1, 2023 – December 31, 2023
Scope: E-commerce customer data security and FTC order implementation
Prepared for: Annual Trust / Transparency Report
Date: March 2024

Overview: This transparency section summarizes security-program implementation status, incident context, and order-aligned governance activity for external stakeholders.

Material Cybersecurity Incident: The July 2020 incident involved unauthorized access associated with compromised credentials and insufficient controls. During this reporting period, implementation work remained focused on reducing recurrence risk and strengthening operational discipline.

Regulatory and Legal Outcomes: The FTC consent order established specific governance and program obligations. We continue implementing and tracking those requirements through coordinated Legal, Compliance, and Security oversight and routine evidence development.

Program Highlights (2023): Highlights include credential and secret-management hardening, enhanced access governance, expanded logging and retention controls, and structured third-party and internal assurance reviews. We continue recurring management reporting on milestone completion and residual risk. References: [FTC order], [Company security page]. For questions: [contact].

Document-type guide: Security Transparency Report Section

Writing tips: Writing best practices — Security Transparency Report Section

© 2026 Yi Zhang. Licensed under the MIT License.
Last updated: 2026 April 17 9:37 AM