Data minimization can be a powerful – and seemingly simple – data security measure. The term refers to retaining the least amount of personal information necessary in order for an organization to function. Less information means that there is less that the organization needs to protect, and less opportunity for information to be lost or stolen.
Verizon’s 2016 Data Breach Investigations Report doesn’t waste any time providing useful statistics regarding the state of data breaches – they state right on the cover of the report that “89% of breaches had a financial or espionage motive.”
It turns out that IT pros across the pond have the same concerns as here in the U.S., as the survey found that security is the top concern when moving critical applications to cloud. Specifically, 44 percent of U.S. and U.K. IT pros cited external hacking/data breaches as their top concerns, ahead of insider attacks and user error.
A pair of recent cases pitted the U.S. Department of Justice (DOJ) against Apple, Inc. (Apple) in a Herculean struggle between asserted interests in national security and privacy.
Private cloud offerings including SaaS are growing in our industry largely due to the expense in maintaining hardware and security protocols for client data that law firms have traditionally managed.
While cybersecurity risks have increased, government regulation has traditionally lagged behind. Recently, some government entities have tried to catch up by mandating that companies take a proactive approach toward protecting personal and competitively sensitive data. The move is a departure from the traditional reactive response of simply notifying consumers after their personal data is breached.
As the volume and complexity of client data proliferates, protecting client confidentiality only becomes harder. Unfortunately, law firms are often soft targets for hackers because they do not invest heavily in information technology infrastructure and security.
As demonstrated by the so-called “Panama Papers” leak of 11.5 million records from the Panama-based law firm Mossack Fonseca, there’s no doubt that law firms are being targeted by attackers seeking to access, steal and potentially leak their clients’ secrets.
Concerns over compliance and fears of data breaches are key drivers for information management initiatives in the enterprise.
For the eDiscovery community, this is a fascinating scandal because at its root are all the issues we face every day — data privacy, data security, large amounts of structured and unstructured data, finding out as quickly as possible what you have and building a strategy with ongoing information revelations.
Cyber liability insurance has actually been around since the turn of the century (back then it was called Errors and Omissions Insurance). In the early 2000’s, this kind of insurance was only purchased by big technology companies. It’s only now that other, smaller companies are stepping up to manage the risks associated with data breaches.
The new Privacy Shield creates multiple enforcement mechanisms for the EU Data Protection Authorities (DPA’s) and multiple civil and administrative paths for remedies for the EU citizen. Consent requirements are expected to be higher, and there is an expectation that data will be secured.
Our means for gathering data have largely outstripped our tools for analyzing that data. The result is a mountain of unstructured and largely inaccessible information gathered from social media, app permissions, website cookies and hardware and software service agreements.
E-discovery is an example of the legal market trying to get a handle on the vaulting demands of the real world.
From the malicious to the unintentional, cyber incidents continue to increase in frequency, severity, and cost to companies. The Ponemon Institute estimates that data breaches now cost companies an average of $174 per record, with many breaches running into the high thousands or millions of records.
An international team of journalists has obtained what it’s referring to as the “biggest leak in history”: A 2.6-terabyte stash of data about offshore savings and tax havens from Panama-based legal firm Mossack Fonseca.
The accelerating growth of cloud-based legal technology usage is driving increased litigator attention on the determination of what constitutes acceptable and defensible data and application security.
More objects are becoming embedded with sensors and gaining the ability to communicate. The resulting information networks promise to create new business models, improve business processes, and reduce costs and risks.
A survey released on Tuesday suggests the federal government’s recommended framework for how companies can reduce their cybersecurity risk is gaining traction.
Fighting the move to the cloud is a losing battle. But that doesn’t mean we have to throw our arms up and give up on mitigating risk through other means.
Information Governance isn’t just technology driven, nor is it solely business driven. It is a partnership between business and technology. Both must be present in the program.
According to the Identity Theft Resource Center there were a total of 110 data breaches and almost 1.8 million records exposed during just the first two months of 2016.
The fact is that, of the nearly 5,000 publicly-known data breaches over the past dozen or so years, less than 5% have resulted in litigation. If your cyber coverage only kicks in when a third party makes a claim, then practically speaking you may not have any coverage at all.
The field has also seen a healthy proliferation of industry intelligence identifying the current best solutions on the market and the better-known vendors providing them.