On January 11, U.S. and Swiss authorities announced final agreement on the Swiss-U.S. Privacy Shield Framework. The Framework defines standards for handling personal data exported from Switzerland to the U.S. and enables U.S. companies to meet Swiss legal requirements to protect personal data transferred from Switzerland.
On the e-discovery vendor front, the pace of consolidation of large service providers in 2016 was unprecedented compared to prior years.
A new survey reveals that 65 percent of senior IT and security executives think that the biggest security risks for business come from public clouds.
I have seen hundreds of mistakes over the years, especially in the last decade when my work as a lawyer has been limited to electronic discovery. Many of these blunders were made by “the other side.” Some were funny and made me smile, others were not and led to motions of all kinds. Keeping it real, I have made my own fair share of errors too. Those lessons were painful, but are now deeply etched
The New York Department of Financial Services has released an extensively revised cybersecurity regulation applicable to the wide variety of financial services companies regulated by the NYDFS. Released on December 28, 2016, the revised regulation makes multiple changes to almost every provision in the original proposal.
The report includes an analytic assessment drafted and coordinated among The Central Intelligence Agency (CIA), The Federal Bureau of Investigation (FBI), and The National Security Agency (NSA), which draws on intelligence information collected and disseminated by those three agencies. It covers the motivation and scope of Moscow’s intentions regarding US elections and Moscow’s use of cyber tools and media campaigns to influence US public opinion.
A commitment to good cybersecurity and best practices is critical to protecting networks and systems. Here are some questions you may want to ask your organization to help prevent and mitigate against attacks.
The Department of Homeland Security (DHS) encourages network administrators to implement these recommendations below, which can prevent as many as 85 percent of targeted cyber-attacks.
Technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities.
Three Chinese citizens have been charged with hacking into the servers of two prominent – but unidentified – international law firms to steal confidential client information in connection with pending M&A deals.
Putting aside the dystopian views that sensationalize AI, bright prospects are ahead for corporations that embrace this transition to new ways of thinking. However, to make the leap, some radical adjustments in the ways of working are necessary.
The Article 29 Data Protection Working Party (WP29) recently held its December plenary meeting to discuss certain issues related to the implementation of the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), which will take effect in May 2018, and of the Privacy Shield, which was opened for self-certification by companies in August.
But as serious as these [recent] incidents are individually and collectively, none effectively illustrates the potential catastrophic consequences that cyber incidents can have when they transcend individual institutions, and affect our markets and financial systems.
Beginning January Google will start using full-page warnings in Chrome when the browser encounters sites using TLS/SSL or digital certificates signed with the aging SHA-1 hashing algorithm.
The survey results suggest that all parties building out eDiscovery services are feeling the impact of a competitive marketplace, namely; data volumes, budgetary constraints, and lack of personnel.
There are currently no mandatory reporting requirements under UK law specific to cybersecurity incidents except in relation to those communications service providers that are subject to the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended).
Traditional technologies such as relational database management systems make it challenging, if not impossible, to process growing volumes of data and make it accessible, actionable and flexible to changing needs in terms of queries and analytics.
SaaS Benefit: Putting costs under operational expenses also affords companies better control of technology spending across the enterprise.
Throughout the election cycle, anxiety over cybersecurity was a central theme, raising issues that businesses and government will face for years to come.
Cloud services providers are subject to HIPAA as business associates even if they are unable to view PHI.
In an industry founded on the legal and ethical obligation to keep information confidential, a data breach erodes trust and may even be grounds for legal and regulatory actions.
Many firms have the mistaken impression that their data is safest where they can “touch” it and are hesitant to move it from on-premise to the cloud. Yet, law firms aren’t actually that confident about their own security.
Cloud-centric computing is inevitable because the network, not your network, is just a conduit to allow access from trusted requestors to trusted resources.
“Law firms that elect to avoid cloud-driven solutions with the intention of offering clients greater security may not actually be providing greater security.”