Posts Tagged ‘security’

Data Loss Threatens M&A Deals

Data Loss Threatens M&A Deals

More than half of all enterprise data now lives on endpoints, beyond traditional visibility and security tools centered on a network drive or central server. If the target company can’t see what its employees are doing with data on their laptops and desktops, then a potential buyer has near zero visibility.


A Little Privacy is Better Than None: Considering Private and Public Cloud Computing

A Little Privacy is Better Than None: Considering Private and Public Cloud Computing

Extracts from two informational papers highlighting key differences between private and public cloud infrastructures and why those differences may be important for the security of critical data and applications.


The New Information Governance Playbook for Addressing Digital Age Threats

The New Information Governance Playbook for Addressing Digital Age Threats

Published in the Richmond Journal of Law & Technology, The New Information Governance Playbook for Addressing Digital Age Threats by Philip Favro, Donald Billings, David Horrigan, and Adam Kuhn provides actionable information for assessing and addressing cyber threats.


Deeper Dive: Vendor Management Crucial for Data Protection

Deeper Dive: Vendor Management Crucial for Data Protection

Organizational obligations regarding data privacy and security extend not only to the data in a company’s possession, but also to its data in the possession of a third-party service provider or business partner.


What Is Auto-Classification and How Does It Assist with GDPR Compliance?

What Is Auto-Classification and How Does It Assist with GDPR Compliance?

Auto-Classification’s ability to group information by category or by specific characteristics will prove useful for GDPR compliance. Similarly, Auto-Classification’s ability to detect the presence of PII and other sensitive content will likely become a best practice when it comes establishing GDPR protections.


Cybersecurity a Pain Point for Plaintiffs

Cybersecurity a Pain Point for Plaintiffs

Enhanced cybersecurity is a rising tide that floats all boats. But, let me reveal who’s likely to get swamped by this rising tide: requesting parties (or, as corporations call them “plaintiffs’ lawyers”), and their experts and litigation support providers.


eDiscovery: Asia Pacific To Top North America In Growth Rate Due To Robust Industrialization

eDiscovery: Asia Pacific To Top North America In Growth Rate Due To Robust Industrialization

From a geographical standpoint, North America accounts for a dominant share in the global eDiscovery service. In the next couple of years, the region will likely pare some of its share on account of Asia Pacific overtaking it in terms of growth rate.


Five Steps to Take in the Aftermath of a Breach

Five Steps to Take in the Aftermath of a Breach

To help minimize damage, organizations should be ready to take these five steps in the aftermath of a breach.


Securing Client Communications: ABA Issues New Ethics Opinion on Attorney-Client Email

Securing Client Communications: ABA Issues New Ethics Opinion on Attorney-Client Email

This opinion sends a clear signal that law firms have to pay attention to the security of email and other client communication.


WannaCry Cyber-Attack: Is My Computer at Risk?

WannaCry Cyber-Attack: Is My Computer at Risk?

Ransomware – a malicious program that locks a computer’s files until a ransom is paid – is not new but the size of this attack by the WannaCry virus is “unprecedented”, according to EU police body Europol.


Why You Need to Prepare for the GDPR Now

Why You Need to Prepare for the GDPR Now

The GDPR legislation is complex and far-reaching, laying out some specific mandates for businesses. It compels businesses to securely collect and store — as well as more diligently use — the personal data of consumers in 28 EU member states. This will also include the UK, which will maintain equivalent laws post-Brexit.


Creating a Coordinated Approach to Assurance

Creating a Coordinated Approach to Assurance

Coordinated assurance requires a common understanding of the company’s risk universe, risk ratings, rules for oversight ownership and guidelines for when new risks are added to the framework.


Mind the Gap

Mind the Gap

Companies are setting off on their path towards digital transformation. They do well if they start considering security requirements going along with the needs of a modern world before they set off on that path.


Cyber-Insurance: Assess Risk, Policy & Obligations

Cyber-Insurance: Assess Risk, Policy & Obligations

The Ponemon Institute’s 2016 [Data Protection Benchmark] study pegs the average cost of a data breach at $4 million, with per-record costs rising slightly to $158 each.


Tanium CEO Admits Using Real Hospital Data in Sales Demos

Tanium CEO Admits Using Real Hospital Data in Sales Demos

Following a report by The Wall Street Journal that the security vendor Tanium used a hospital’s live network as a demonstration platform on sales calls and even revealed private hospital data in a publicly posted demonstration video, Tanium CEO Orion Hindawi has admitted that mistakes were made in handling data from El Camino Hospital’s network.


A New Paradigm in Mobile Device Preservation

A New Paradigm in Mobile Device Preservation

Today, if you fail to advise clients to preserve relevant and unique mobile data when under a preservation duty, you’re committing malpractice.


Data Flows from China Could Be Significantly Restricted

Data Flows from China Could Be Significantly Restricted

Proposed Chinese regulations (open in Google Chrome for English translation) could substantially limit the ability of companies in China from sending data outside of that country. If implemented, the regulations would potentially affect almost any type of business or data flow.


95% of Organizations Have Employees Seeking to Bypass Security Controls

95% of Organizations Have Employees Seeking to Bypass Security Controls

Employees using private VPNs and Tor on an enterprise network are typically trying to hide their actions and do something that will not be detected by the organization’s security controls, he says. “Security bypass is the first step towards data theft or other destructive behavior,” Koo says.


Swiss-U.S. Privacy Shield FAQs

Swiss-U.S. Privacy Shield FAQs

When can an organization self-certify to the Swiss-U.S. Privacy Shield? Starting April 12, 2017, organizations can self-certify to the Swiss – U.S. Privacy Shield Framework.


Phishing – Why We Keep Getting Netted

Phishing - Why We Keep Getting Netted

Phishing can unlock a considerable amount of resources to a hacker. Businesses must have a complete and automated view of everything in their system, or they could be gutted before they’ve had time to think.


First EU-US Privacy Shield Annual Review to Take Place in September 2017

First EU-US Privacy Shield Annual Review to Take Place in September 2017

The inaugural annual review into the operation of the EU-US Privacy Shield is to take place in September this year. EU justice commissioner Věra Jourová confirmed the timing of the review in a speech in Washington late last week.


The Laziest, Cheapest Way to Circumvent Your Snooping ISP

The Laziest, Cheapest Way to Circumvent Your Snooping ISP

Congress decided that your ISP should be allowed to sell off your private browsing data, but the solutions to get around this are a bit complicated, costly, or just a pain.


FBI Warns of Cybersecurity Risk from FTPs

FBI Warns of Cybersecurity Risk from FTPs

The FBI recommends medical and dental healthcare entities request their respective IT services personnel to check networks for FTP servers running in anonymous mode.


How AI Is Transforming the Workplace

How AI Is Transforming the Workplace

AI is also beginning to help managers peer into personal aspects of job performance that used to be left up to managers’ instincts and observations.