Posts Tagged ‘security’

New Webinar – Mitigating the Threat: Lessons Learned from Sony Confirmation

New Webinar - Mitigating the Threat: Lessons Learned from Sony Confirmation

The attack on Sony Pictures Entertainment exposed sensitive intellectual property, revealed personal employee details, and demonstrated the vulnerabilities of U.S. companies to cyberattack. Two months later, the dust continues to settle as the repercussions of this breach are assessed. Far beyond the millions of dollars in lost revenue, Sony may suffer significant reputational risk and could endure protracted lawsuits for years to come. For the financial industry, the implications of a breach of this magnitude would extend even further, into its fiduciary responsibility to protect the vital economic lifeblood of the United States.


Everything You Really Need to Know About Docker

Everything You Really Need to Know About Docker

A two-year-old technology is at the spearhead of a genuine revolution in data center architectures, for both software and hardware.


Ethical Issues Implicated by Lawyers’ Use of Third-Party Cloud Services

Ethical Issues Implicated by Lawyers’ Use of Third-Party Cloud Services

Recent amendments to the ABA Model Rules of Professional Conduct (Model Rules) indicate less leeway for lawyers who inadvertently violate their ethical obligations through the use of technology, including such ubiquitous services as cloud computing.


Medical Identity Theft Costs Victims $13,450 Apiece

Medical Identity Theft Costs Victims $13,450 Apiece

New study shows not only is medical identity fraud costly for individuals, it’s happening a lot more often. Having steadily grown over the past five years, medical identity theft increased by a whopping 21.7 percent in 2014, according to a new report conducted by the Ponemon Institute on behalf of the Medical Identity Fraud Alliance (MIFA).


Healthcare Industry Poised to Take Giant Leap into the Cloud

Healthcare Industry Poised to Take Giant Leap into the Cloud

With the global market for electronic health records expected to exceed $22 billion by the end of this year, healthcare providers are shifting their focus on big data analytics and cloud computing to improve patient health information management.


Big Data Land Mines for Insurers To Avoid In 2015

Big Data Land Mines for Insurers To Avoid In 2015

Before data was big, Google was a verb, or Gordon Moore wrote his law, insurers were using math and statistics to predict the future. As early as the 2 nd millennia BC, Babylonian sea merchants paid lenders extra for a promise of help if their ship was to sink. They set prices by correlating data points to calculate the likelihood and potential cost of a disaster at sea. Data was sparse, and one would assume neither merchant nor lender consistently got a good deal. In 2015, property, casualty, life and health insurance companies are awash in data.


Big Surprise! – There will be no Privacy in the Future, and IoT is Part of the Problem!

Big Surprise! – There will be no Privacy in the Future, and IoT is Part of the Problem!

Pew research report “ The Future of Privacy ” indicated by 2015 that 55% of the 2,211 respondents no one should really expect any privacy and that the IoT (Internet of Things) will make things worse.


Cybersecurity and Privacy Diligence in a Post-Breach World

Cybersecurity and Privacy Diligence in a Post-Breach World

In November 2014—just two weeks after Admiral Michael Rogers, director of the National Security Agency, testified to the House Intelligence Committee that certain nation-state actors had the capability of “infiltrating the networks of industrial-control systems, the electronic brains behind infrastructure like the electrical grid, nuclear power plants, air traffic control and subway systems”—Sony Pictures announced it had experienced a major cyber-attack, one many sources believe was likely perpetrated by or on behalf of a nation-state. This destructive cyber-attack was a game-changer for corporate America because it became clear that hackers are not simply focused on credit card numbers or personal information. Indeed, the attack on Sony was designed to steal the Company’s intellectual property, disseminate personal emails of high-ranking executives, and destroy Sony servers and hard drives, rendering them useless.


Anthem Data Breach: A Wake-up Call for Security and Governance

Anthem Data Breach: A Wake-up Call for Security and Governance

The Anthem security breach and massive PII data exposure is an unfortunate recent reminder that breaches are now routine. Hackers can leverage the most basic vulnerabilities, such as static passwords to gain access to protected systems. It also highlights a troubling new trend whereby hackers use cloud services, particularly unapproved cloud storage and file sync and share services as the data exfiltration vector. The most troubling part is that hackers don’t require innovative schemes to exfiltrate data, but rather use unmonitored and unsecured cloud services as a front door exfiltration vector.


A Potentially Burning Issue: Backing Up ALL Your Data – Even Analog

A Potentially Burning Issue: Backing Up ALL Your Data - Even Analog

Two of the principal reasons that paper documents are not backed up digitally is the high cost of scanning or digitizing them in the first place, and the challenge of then being able to index and access them after they’re digitized. BeyondRepro, a member of the BeyondRecognition network of companies, has new technology that addresses both issues, as well as a business model that makes it even more practical to backup paper documents.


A New Approach to Redaction

A New Approach to Redaction

Leveraging advanced visual classification technology to evaluate sensitive data and redact based on either word or pattern matching or on redacting certain zones within groupings of visually-similar documents, BeyondRedaction allow corporations to quickly and cost effectively redact sensitive data at a rate far exceeding traditional standard redaction technologies and processes.


Information Governance v Search: The Battle Lines Are Redrawn

Information Governance v Search: The Battle Lines Are Redrawn

There is a battle in the legal tech world between Information Governance and Search. It reflects a larger conflict in IT and all of society. Last year I came to believe that Information Governance’s preoccupation with classification, retention, and destruction of information was a futile pursuit. I challenged these activities as inefficient and doomed to failure in the age of information explosion. Instead of classify and kill, I embraced the googlesque approach of save and search. I became wary of the whole approach of governing information as hostile to individual privacy rights and liberties.


A Fun (And Educational) Look At LegalTech NY 2015: 15 Vendor Notes

A Fun (And Educational) Look At LegalTech NY 2015: 15 Vendor Notes

As LegalTech NY 2015 draws to a close and legal technology practitioners begin the transition from the event back into the daily execution of their specific duties, the following compilation of 15 vendor notes may serve as a fun reminder of some of the more interesting topics shared during the week.


Top 10 International Privacy Developments of 2014

Top 10 International Privacy Developments of 2014

Safe Harbor Under Review. 2014 saw a continuation of the uncertainty around the future of the EU-U.S. Safe Harbor Agreement. In March 2014, the European Parliament voted to suspend the Agreement as a result of Edward Snowden’s revelations on the mass surveillance carried out by the U.S. Government. Following on from the Parliament’s vote, the Trans-Atlantic Business Dialogue continues to negotiate the areas where the Safe Harbor Agreement can be improved, as detailed in our blog post here. The dialogue seeks to reach agreement on 13 areas of potential improvement proposed by the European Commission in its report of 2013. Eleven out of the 13 recommendations were close to final agreement by end of 2014; the final two are the most contentious, as they involve the activities of U.S. intelligence agencies. The uncertainty was reiterated by Andrus Ansip, Vice-President for Digital Single Market, who said he might be willing to suspend the Agreement unless the security of EU citizens’ data could be guaranteed by the U.S. Looking ahead, the CJEU is expected to examine the legality of the Safe Harbor Agreement in 2015 following a referral from Ireland’s High Court of a case brought by privacy activist Max Schrems against the Irish Data Protection Commissioner effectively challenging the validity of Safe Harbor in Europe in relation to transfers from Facebook Ireland to Facebook’s U.S. parent company.


Two-Filter Document Culling – Part Two

Two-Filter Document Culling – Part Two

The second filter begins where the first leaves off. The ESI has already been purged of unwanted custodians, date ranges, spam, and other obvious irrelevant files and file types. Think of the First Filter as a rough, coarse filter, and the Second Filter as fine grained. The Second Filter requires a much deeper dive into file contents to cull out irrelevance. The most effective way to do that is to use predictive coding, by which I mean active machine learning, supplemented somewhat by using a variety of methods to find good training documents.


Information Governance Revisited

Information Governance Revisited

McKinnon and her colleagues suggest that we view information governance “as a corporate objective, enabled by programs, projects, priorities, people and technology.” This aligns well with my recommendation to take a strategic approach to information governance.


What CENTCOM Can Teach You About Cloud Security

What CENTCOM Can Teach You About Cloud Security

Individuals calling themselves the “CyberCaliphate” hacked into the Twitter feed for the U.S. military’s Central Command last week, and for 40 minutes posted photos, links, and videos before the account was shut down. They also gained access to Central Command’s YouTube profile, updating the banner image and posting Islamic State propaganda videos. While no confidential or top secret information was stolen, and hackers did not gain access to the U.S. Department of Defense’s network, the incident illustrates the risks government agencies face as they increasingly rely on cloud services to fulfill their mission and communicate with the outside world.


Podcast: The Government’s Dark Data: A Decade of Discovery

Podcast: The Government’s Dark Data: A Decade of Discovery

In this episode of Digital Detectives, Sharon Nelson and John Simek interview Jason Baron about information governance, dark data, open government, and his role in The Decade of Discovery. Baron talks about the increasing amount of electronic data affecting the Freedom of Information Act (FOIA) and the discussion e-discovery experts need to have about providing public access to government records.


2014 Year-End E-Discovery Update

2014 Year-End E-Discovery Update

By Gibson Dunn In our Mid-Year E-Discovery Update , we reported that 2014 was shaping up to be the “year of technology” in e-discovery. The remainder of the year more than lived up to those expectations. Powerful new data analytics tools have become available for search and review, predictive coding pricing is becoming more accessible […]


A New Model for Cloud Maturity

A New Model for Cloud Maturity

According to a recent Cloud Security Alliance survey on cloud adoption practices and trends , large companies have more mature governance practices than their smaller peers. But across the board, fewer than half of companies surveyed have implemented controls like acceptable use policies for cloud, security awareness training programs, and cloud governance committees to create policies and monitor enforcement. Today, 72% of companies don’t even know the scope of shadow IT at their companies, but the majority understand shadow IT is not going away and must be managed.


Information Governance: Not A Product, Not A Technology, Not A Market

Information Governance: Not A Product, Not A Technology, Not A Market

I’m going to add to the IG definition war this week, by describing information governance as:

“A holistic strategy for using and managing information to meet business objectives. Information governance assures the quality of content and data, maximizes its value, and ensures that security, privacy, and life-cycle requirements are met”.


Introducing “ei-Recall” – A New Gold Standard for Recall Calculations in Legal Search – Part Two

Introducing “ei-Recall” – A New Gold Standard for Recall Calculations in Legal Search – Part Two

A review some of the basic concepts and terminology used in this article may be helpful before going further. It is also important to remember that ei-Recall is a method for measuring recall, not attaining recall. There is a fundamental difference. Many of my other articles have discussed search and review methods to achieve recall, but this one does not.

Everyone should know that in legal search analysis False Negatives are documents that were falsely predicted to be irrelevant, that are in fact relevant. They are mistakes. Conversely, documents predicted irrelevant, that are in fact irrelevant, are called True Negatives. Documents predicted relevant that are in fact relevant are called True Positives. Documents predicted relevant that are in fact irrelevant are called False Positives.


Unclear on the Concept, Revisited

Unclear on the Concept, Revisited

A colleague buttonholed me at the American Bar Association’s recent TechShow and asked if I’d visit with a company selling concept search software to electronic discovery vendors. Concept searching allows electronic documents to be found based on the ideas they contain instead of particular words. A concept search for “exploding gas tank” should also flag documents that address fuel-fed fires, defective filler tubes and the Ford Pinto. An effective concept search engine “learns” from the data it analyzes and applies its own language intelligence, allowing it to, e.g., recognize misspelled words and explore synonymous keywords.


Using Spellcheck? Electromagnetic Fields Could Reveal Your Writing

Using Spellcheck? Electromagnetic Fields Could Reveal Your Writing

It has long been known that subtle electronic fields and noises emitted by computers can reveal clues about your activity, a powerful spying method that can be done from a few feet away. These so-called “side-channel signals” can be collected by antennas or microphones and through analysis could reveal sensitive data such as encryption keys.