Posts Tagged ‘security’

German Parliament Enacts Wide-ranging Surveillance Powers Allowing End User Devices to Be Hacked by Authorities

German Parliament Enacts Wide-ranging Surveillance Powers Allowing End User Devices to Be Hacked by Authorities

On June 22, 2017, the German Parliament passed a bill that, among other things, awards extensive surveillance powers to law enforcement authorities.


Is Revenue Raining Out of Your Cloud?

Is Revenue Raining Out of Your Cloud?

Traditional technology hardware and software companies are seeing a significant share of their growth from the cloud. With legacy revenue streams declining – and in some cases declining rapidly – it is imperative that companies make the transition to cloud effectively. This is no simple task.


No Searching of Cloud Data at the Border

No Searching of Cloud Data at the Border

U.S. border officers aren’t allowed to look at any data stored only in the “cloud” — including social media data — when they search U.S. travelers’ phones.


Tallinn Manual 2.0: The Rulebook for Cyberwar

Tallinn Manual 2.0: The Rulebook for Cyberwar

The Tallinn Manual 2.0 is a unique collection of law on cyber-conflict, says Professor Michael Schmitt from the UK’s University of Exeter, who led work on the tome.


Data Loss Threatens M&A Deals

Data Loss Threatens M&A Deals

More than half of all enterprise data now lives on endpoints, beyond traditional visibility and security tools centered on a network drive or central server. If the target company can’t see what its employees are doing with data on their laptops and desktops, then a potential buyer has near zero visibility.


A Little Privacy is Better Than None: Considering Private and Public Cloud Computing

A Little Privacy is Better Than None: Considering Private and Public Cloud Computing

Extracts from two informational papers highlighting key differences between private and public cloud infrastructures and why those differences may be important for the security of critical data and applications.


The New Information Governance Playbook for Addressing Digital Age Threats

The New Information Governance Playbook for Addressing Digital Age Threats

Published in the Richmond Journal of Law & Technology, The New Information Governance Playbook for Addressing Digital Age Threats by Philip Favro, Donald Billings, David Horrigan, and Adam Kuhn provides actionable information for assessing and addressing cyber threats.


Deeper Dive: Vendor Management Crucial for Data Protection

Deeper Dive: Vendor Management Crucial for Data Protection

Organizational obligations regarding data privacy and security extend not only to the data in a company’s possession, but also to its data in the possession of a third-party service provider or business partner.


What Is Auto-Classification and How Does It Assist with GDPR Compliance?

What Is Auto-Classification and How Does It Assist with GDPR Compliance?

Auto-Classification’s ability to group information by category or by specific characteristics will prove useful for GDPR compliance. Similarly, Auto-Classification’s ability to detect the presence of PII and other sensitive content will likely become a best practice when it comes establishing GDPR protections.


Cybersecurity a Pain Point for Plaintiffs

Cybersecurity a Pain Point for Plaintiffs

Enhanced cybersecurity is a rising tide that floats all boats. But, let me reveal who’s likely to get swamped by this rising tide: requesting parties (or, as corporations call them “plaintiffs’ lawyers”), and their experts and litigation support providers.


eDiscovery: Asia Pacific To Top North America In Growth Rate Due To Robust Industrialization

eDiscovery: Asia Pacific To Top North America In Growth Rate Due To Robust Industrialization

From a geographical standpoint, North America accounts for a dominant share in the global eDiscovery service. In the next couple of years, the region will likely pare some of its share on account of Asia Pacific overtaking it in terms of growth rate.


Five Steps to Take in the Aftermath of a Breach

Five Steps to Take in the Aftermath of a Breach

To help minimize damage, organizations should be ready to take these five steps in the aftermath of a breach.


Securing Client Communications: ABA Issues New Ethics Opinion on Attorney-Client Email

Securing Client Communications: ABA Issues New Ethics Opinion on Attorney-Client Email

This opinion sends a clear signal that law firms have to pay attention to the security of email and other client communication.


WannaCry Cyber-Attack: Is My Computer at Risk?

WannaCry Cyber-Attack: Is My Computer at Risk?

Ransomware – a malicious program that locks a computer’s files until a ransom is paid – is not new but the size of this attack by the WannaCry virus is “unprecedented”, according to EU police body Europol.


Why You Need to Prepare for the GDPR Now

Why You Need to Prepare for the GDPR Now

The GDPR legislation is complex and far-reaching, laying out some specific mandates for businesses. It compels businesses to securely collect and store — as well as more diligently use — the personal data of consumers in 28 EU member states. This will also include the UK, which will maintain equivalent laws post-Brexit.


Creating a Coordinated Approach to Assurance

Creating a Coordinated Approach to Assurance

Coordinated assurance requires a common understanding of the company’s risk universe, risk ratings, rules for oversight ownership and guidelines for when new risks are added to the framework.


Mind the Gap

Mind the Gap

Companies are setting off on their path towards digital transformation. They do well if they start considering security requirements going along with the needs of a modern world before they set off on that path.


Cyber-Insurance: Assess Risk, Policy & Obligations

Cyber-Insurance: Assess Risk, Policy & Obligations

The Ponemon Institute’s 2016 [Data Protection Benchmark] study pegs the average cost of a data breach at $4 million, with per-record costs rising slightly to $158 each.


Tanium CEO Admits Using Real Hospital Data in Sales Demos

Tanium CEO Admits Using Real Hospital Data in Sales Demos

Following a report by The Wall Street Journal that the security vendor Tanium used a hospital’s live network as a demonstration platform on sales calls and even revealed private hospital data in a publicly posted demonstration video, Tanium CEO Orion Hindawi has admitted that mistakes were made in handling data from El Camino Hospital’s network.


A New Paradigm in Mobile Device Preservation

A New Paradigm in Mobile Device Preservation

Today, if you fail to advise clients to preserve relevant and unique mobile data when under a preservation duty, you’re committing malpractice.


Data Flows from China Could Be Significantly Restricted

Data Flows from China Could Be Significantly Restricted

Proposed Chinese regulations (open in Google Chrome for English translation) could substantially limit the ability of companies in China from sending data outside of that country. If implemented, the regulations would potentially affect almost any type of business or data flow.


95% of Organizations Have Employees Seeking to Bypass Security Controls

95% of Organizations Have Employees Seeking to Bypass Security Controls

Employees using private VPNs and Tor on an enterprise network are typically trying to hide their actions and do something that will not be detected by the organization’s security controls, he says. “Security bypass is the first step towards data theft or other destructive behavior,” Koo says.


Swiss-U.S. Privacy Shield FAQs

Swiss-U.S. Privacy Shield FAQs

When can an organization self-certify to the Swiss-U.S. Privacy Shield? Starting April 12, 2017, organizations can self-certify to the Swiss – U.S. Privacy Shield Framework.


Phishing – Why We Keep Getting Netted

Phishing - Why We Keep Getting Netted

Phishing can unlock a considerable amount of resources to a hacker. Businesses must have a complete and automated view of everything in their system, or they could be gutted before they’ve had time to think.