The Federal Trade Commission has taken a lot of heat for not issuing regulations that inform companies about what data security measures it will consider “reasonable” and adequate.  Instead, it has said companies should just look at the 50+ settlements of security-related enforcement actions the Commission has undertaken and glean guidance from those.  Now, the FTC has tried to help companies do just that by issuing “Start With Security: A Guide to Business.”  The Guide tries to “[d]istill the facts of those cases down to their essence” in order to provide ten lessons on what businesses can do to reduce their vulnerability to data breaches and ‒ hopefully ‒ avoid the withering glare of an enforcement action.