-
Cybersecurity Law & Strategy
Coronavirus Work-from-Home Response A Boon for Cybercriminal Exploitation
Mark Sangster
Companies determined to protect their employees and minimize the impact of COVID-19 are enforcing travel restrictions and strong work-from-home policies. However those actions can be used against employees as any firms are likely unprepared for the criminal appetite for the cyberattack exploitation of a remote workforce. Here are some of the key issues of which law firms and companies need to be aware and steps that should be considered to minimize the risk to keep everyone — and client data — safe.
Read More ›
-
Cybersecurity Law & Strategy
COVID-19: Threats Abound: How to Protect Your Remote Workforce
Tomas Suros
The COVID-19 pandemic has changed the conversation around remote work. As more employees work remotely, law firms must employ security best practices to ensure that the extended reliance on the cloud doesn’t expose sensitive data or cripple daily operations. Following is a practical checklist of systems, technologies and processes to consider when evolving your firm for remote work and selecting your cloud technology provider.
Read More ›
-
Cybersecurity Law & Strategy
COVID-19: Companies, Trade Organizations Seek to Postpone CCPA Enforcement Date
Dan Clark
Over 30 trade associations and companies co-signed a letter last month to California Attorney General Xavier Becerra asking him to push back the enforcement date for the California Consumer Privacy Act due to the new coronavirus and a lack of clarity on the enforcement rules.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act is HERE: Are You Litigation Ready?
Ann Marie Mortimer, Jason J. Kim and Lisa J. Sotto
Most companies doing business in California are well aware of the CCPA and prepared diligently in advance of the law’s Jan. 1, 2020 compliance deadline. While compliance certainly is key, even compliant businesses must consider — and prepare for — the eventual onslaught of class action litigation that is coming.
Read More ›
-
Cybersecurity Law & Strategy
States Take the Lead on Securing IoT
Ashley Thomas
The California IoT Security Law is the first of its kind in the nation and pushes device manufacturers to adopt cybersecurity standards during the product development and design stages where none have existed before.
Read More ›
-
Cybersecurity Law & Strategy
Why the Cannabis Industry Must Address the Unique Challenges of Mandated Data Retention
Anita Sabine and Brandon Reilly
Two overarching factors increase the cannabis industry’s data security risks: data sensitivity brought on by federal illegality and lingering cultural divisiveness; and massive, mandated data footprints brought on by intense state and local regulatory scrutiny.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Recovery Models for e-Discovery and Litigation Support Services that Make an Impact
Nathan Curtis
With big data and the resulting explosion of electronic documents, texts, images and voicemails that are subject to discovery, the cost burden was increasing at a pace that required firms to reconsider their recovery approach. This is why in 2019, Mattern conducted its first deep dive into e-discovery and litigation support cost recovery in the 2020 e-Discovery and Litigation Support Cost Recovery Survey. Some of the results were surprising.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Will the U.S. Become a Haven for International Discovery Under Section 1782?
David R. Cohen and Bradley C. Whitecap
Second and Eleventh Circuit rulings are likely to expand refuge to discovery in the U.S., even for international litigation and arbitrations that don’t ordinarily include discovery rights.
Read More ›
-
Cybersecurity Law & Strategy
Coronavirus Work-from-Home Response A Boon for Cybercriminal Exploitation
Mark Sangster
Here are some of the key issues of which law firms and companies need to be aware and steps that should be considered to minimize the risk to keep everyone — and client data — safe.
Read More ›
-
Cybersecurity Law & Strategy
Litigators and Privacy: The Last People You Want to See, or the First?
Michael Bahar, Sarah Paul, Matt Gatewood and Andrew Weiner
In their consideration of possible worst-case cyber attack scenarios, organizations often focus on the various types of attacks and their relative severity. But, the worst-case scenario is not the breach, it's the reputational damage, regulatory enforcement action, the business interruption, and the inevitable litigation that follows a poorly handled breach from an unprepared organization. Given this reality, it is important to adjust planning assumptions and response scenarios to focus on addressing these drivers of post-breach exposure.
Read More ›
-
Cybersecurity Law & Strategy
Protecting Innovation in the Cyber World from Patent Trolls
John Chen
With trillions of dollars to keep watch over, the last thing we need is the distraction of costly litigation brought on by patent assertion entities (PAEs or “patent trolls”), companies that don’t make any products but instead seek royalties by asserting their patents against those who do make products.
Read More ›
-
Cybersecurity Law & Strategy
In the Know: Top 5 Legal Technology Trends for the 2020s
Deb Dobson
Technology allows attorneys to keep informed so they can help their clients understand the potential impact on their company.
Read More ›
-
Cybersecurity Law & Strategy
Defining Reasonable Care for the Protection of Personal Data
Devin Chwastyk
The Pennsylvania Supreme Court enlivened the Thanksgiving holidays of privacy lawyers in 2018 with its decision in Dittman v. UPMC, which held that an employer has a legal duty to exercise reasonable care to safeguard employees’ personal information. While the scope of the decision technically was confined to the employer-employee relationship, the court’s reasoning implies that such a duty of reasonable care may arise in any scenario where one party engages in the collection of personal information.
Read More ›
-
Cybersecurity Law & Strategy
Navigating APT Intrusions
Chris Cwalina, Steven Roosa and Tristan Coughlin
Advanced Persistent Threat (APT) intrusions are sophisticated cyber-attacks carried out by well-funded and organized cyber-criminals. The attacks are designed to establish persistence using various tactics, techniques and procedures that are intended to avoid detection and mimic authorized activity in the environment, known as “living off the land.”
Read More ›
-
Cybersecurity Law & Strategy
Florida Lawmakers Introduce Online Privacy Legislation
David M. Stauss and Malia Rogers
Florida lawmakers have introduced companion bills in the Florida House (HB 963) and Senate (SB 1670) that would create limited online privacy rights and obligations in the state. The legislation appears to be very similar to the Nevada Online Privacy Protection Act, which was amended last year to add a right to opt-out of sales of covered information.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: E-Discovery and Seizure Orders Under the Defend Trade Secrets Act
Philip Favro
Congress passed the Defend Trade Secrets with much fanfare, touting its potential to curtail both domestic and cross-border theft of American ingenuity and technology. The DTSA offers a unique and powerful remedy to aggrieved parties in their efforts to curb trade secret misappropriation: ex parte seizure of property containing trade secrets. This article provides a brief overview of DTSA seizure orders and discusses e-discovery considerations in connection with those orders.
Read More ›
-
Cybersecurity Law & Strategy
Hybrid Legal Document Review: Where Human and Artificial Intelligence Meet
Brian Schrader
AI is in many ways still in its infancy, and it’s important to realize that platforms utilizing this technology are heavily dependent on constant human interaction and training.
Read More ›
-
Cybersecurity Law & Strategy
A Look Behind, A Look Ahead: Part Two - E-Discovery
Steve Salkin
Part Two of a Two-Part Article
Cybersecurity Law & Strategy partnered with our ALM sibling Legaltech News to ask cybersecurity and e-discovery experts what they thought the key trends of 2019 and what they expect to see in 2020. Part Two looks at e-discovery.
Read More ›
-
Cybersecurity Law & Strategy
The Threat of Ransomware 2.0 for Law Practices
Gary Salman
During the past few months, there has been a significant paradigm shift in the cybersecurity world. Threat actors from Russia, in particular, have significantly enhanced their capabilities to target individual businesses and Managed Service Providers (MSPs) or IT companies. It is critical that lawyers, their firms and the companies they serve be aware of these threats and take the appropriate measures to proactively secure their own — and their clients’ — sensitive and private information.
Read More ›
-
Cybersecurity Law & Strategy
Law Firms Adopt a Legal Operations Perspective
Megan Miller
Law Firms Are Following the Lead of Their Corporate Clients In Implementing Legal Operations Methodologies
Legal operations as a discipline within corporate legal departments is receiving more attention, funding and staffing over the last few years.
Read More ›
-
Cybersecurity Law & Strategy
More Regulation, Stronger Investigations and Home Tech Devices Concerns to Come in 2020, New Gibson Dunn Report Warns
Steve Salkin
On Data Privacy Day last month, Gibson Dunn released the eighth edition of its United States Cybersecurity and Data Privacy Outlook and Review. The report details trends that the privacy industry saw in 2019 from a legislative, regulatory and judicial perspective.
Read More ›
-
Cybersecurity Law & Strategy
GDPR-Based Objections to U.S. Discovery Requests: 2019 Year in Review
Leslie Meredith
U.S. civil litigants faced with an obligation to produce “personal data” protected by GDPR can find themselves on the horns of a serious dilemma. Initial rulings addressing the tension between the broad scope of data protected by GDPR and the similarly broad scope of discovery under U.S. law revealed substantial skepticism that complying with a U.S. discovery request would expose parties to significant enforcement risk in the EU. This article takes a look at what arguments parties put forth in the past year, and make a few suggestions for how litigants can avoid violating one jurisdiction’s law to satisfy another’s courts.
Read More ›
-
Cybersecurity Law & Strategy
Data Breaches: Adding a New Layer to the Risk of Legal Malpractice
Karen Painter Randall and Steven A. Kroll
Those in the legal profession are not immune to a data breach. What’s more, ethical obligations put lawyers and law firms at even greater risk for significant business, financial and reputational harm should they experience a cyberattack. Attorneys have both an ethical and legal duty to take reasonable steps to protect their clients’ personal sensitive data against a cyberattack, or face serious ramifications.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: E-Discovery Lessons from the Presidential Impeachment Proceedings
Joshua Hummel and Paul Fling
Whether we realize it or not, e-discovery has found a central place in the news during the Trump campaign and presidency, and in particular, during the impeachment proceedings.
Read More ›
-
Cybersecurity Law & Strategy
A Look Behind, A Look Ahead: Part 1 - Cybersecurity
Steve Salkin
Cybersecurity Law & Strategy partnered with our ALM sibling Legaltech News to ask cybersecurity and e-discovery experts what they thought the key trends were in 2019 and what they expect to see in 2020.
Read More ›
-
Cybersecurity Law & Strategy
Data Privacy: Building Compliant and Adaptable Systems
Tomas Suros
Rather than trying to institute changes to comply with every new privacy law as it emerges, a better approach is to view data privacy as an overall framework and adopt a holistic response to compliance with the built-in flexibility to constantly adapt to an ever-changing legal landscape.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity Skills Update for 2020
Nina Cunningham
The demand for capable skilled professionals and team players in the information security industry is increasing. For those gaining skills to work in the industry for the first time, the challenge remains to hit the ground running with a position and, better, with a career path. Yet no career path in this industry will sidestep an ongoing foothold in the classroom — onsite or virtual.
Read More ›
-
Cybersecurity Law & Strategy
GDPR Had Some Bite in 2019
Victoria Hudgins
Although no company was hit with the maximum GDPR fine of 4% of the company’s worldwide annual revenue, GDPR fines issued in 2019 were still a force to be reckoned with.
Read More ›
-
Cybersecurity Law & Strategy
It’s Legalweek Time Again
This year, Legalweek will feature workshop boot camps, networking events, hundreds of exhibitors on the tradeshow floor and three conferences designed to address key issues at a functional level: LegalCIO, Legal Business Strategy, and, of course, Legaltech, the world’s largest and longest running trade show for legal technology.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Babst Calland & Solvaire: An AI Contract Review Use Case
Christian A. Farmakis
In today’s business climate, clients demand greater efficiency when it comes to contract review for many complex deals and transactions. We have found that the combination of deep legal expertise, coupled with embracing carefully researched and vetted technology, is the most effective means of delivering high quality and timely review in an increasingly competitive marketplace.
Read More ›
-
Business Crimes Bulletin
Insider Trading Policies and Cybersecurity
Michael J. Rivera and Abby I. Yi
Cybersecurity has been a high priority topic for the SEC the past few years. In September 2017, the SEC created a Cyber Unit within its Enforcement Division. This Cyber Unit had over 225 active investigations at the SEC’s 2018 fiscal year end. The SEC has focused in particular on cybersecurity risks facing public companies.
Read More ›
-
The Intellectual Property Strategist
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask
Alan L. Friel
Part Two of a Two-Part Article
Read More ›
-
Cybersecurity Law & Strategy
Effectively Managing Increasing Client Security Requirements
Christopher Perrotta
Gone are the days of naively assuming our confidential data is secure. Increasingly, clients, stakeholders, regulators and others are demanding proof that firms are actively protecting the PII to which they have access, and this evidence is being demanded both before and after security incidents. It is imperative law firms have the positions and processes in place to handle security incidents with urgency, accuracy and completeness.
Read More ›
-
Cybersecurity Law & Strategy
Law Firms Enter the Golden Age of Data Mining
Doug Stansfield
As a matter of practice, law firms generate and store incomprehensible amounts of data. Most, if not all, of that data has been digitized and many firms that recognize the untapped value of their data have begun to leverage sophisticated technologies to mine it for reusable work product and valuable insights.
Read More ›
-
Cybersecurity Law & Strategy
Can Artificial Intelligence Fix Security Issues?
Nina Cunningham
There is great enthusiasm about what AI can do to promote better living conditions, evoking wisdom, providing business intelligence through deep analysis of behavior and habits, by signaling trends and anticipating demand. But there are other considerations as well. A critical one is cybersecurity.
Read More ›
-
Cybersecurity Law & Strategy
How the Healthcare Industry Can Fight Rising Cyber-Attacks
Jason G. Weiss
The healthcare industry is facing an alarming proliferation of cyber perils. Why? Because our healthcare system is a “soft target,” and particularly vulnerable because of its lifesaving work, where time is of the essence. It’s a recipe for disaster from a cybersecurity standpoint.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity Experts Needed in U.S.
Scott R. Malyk and Lin R. Walker
The Country Is In Dire Need of Experts Who Possess the Advanced Knowledge, Skills and Experience Required to Combat Cybersecurity Crimes
In an effort to protect our financial, personal, medical, and otherwise confidential data, as well as our election systems, we need to continue to attract and employ the services of the most qualified cybersecurity experts from around the world. However, at present, there is a dire shortage of such qualified experts in the United States.
Read More ›
-
Cybersecurity Law & Strategy
Unique Cyber Risks Faced By the Cannabis Industry
Victoria Hudgins
All companies face cybersecurity threats, but the legalized cannabis industry’s storage of personally identifiable information and reliance on seed-to-sale tracking software can place it firmly within hackers’ crosshairs.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: New Data Types Challenge E-Discovery to Keep Pace
Cliff Dutton
Expanding the Scope of Data Has the Potential to Slow Down Discovery and Increase Cost, But If New Data Types Contain Uniquely Dispositive Content, It Will Be Necessary to Include Them In Order to Achieve Just Determinations
Data types evolve faster than law. New data types are expanding the scope of discoverable data. The variety, velocity and complexity of electronic evidence challenge legal processes and the technology-enabled legal applications that are designed to support them.
Read More ›
-
Cybersecurity Law & Strategy
Safeguarding Your Intellectual Property
Matthew Calcagno
The documents that a firm produces are its greatest asset, yet firms historically have not made sufficient efforts to safeguard those documents from both internal and external threats. Law firms have typically had an open-door approach to document access. This means that anyone in your firm can likely access any document at any time, leaving your firm’s intellectual property entirely unprotected.
Read More ›
-
Cybersecurity Law & Strategy
What Is the Appropriate Statute of Limitations Period for BIPA Claims?
Sean Wieber, Patrick O’Meara and Eric Shinabarger
The BIPA compliance lag has led companies using or collecting biometric information to consider how far back their liability may extend. The Illinois General Assembly, however, did not include an explicit statute of limitations period in BIPA. As a result, the statute of limitations has become one of BIPA’s primary battlegrounds as litigants argue about potential class sizes and damages awards.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask — 100 Days Out
Alan L. Friel
Part Two of a Two-Part Article
Part One of this article, last issue, covered how the CCPA applies to businesses — both in and outside California, the revenue threshold, proposed amendments and other open issues. Part Two continues with the rights that CCPA grants to Californians, the CCPA’s impact on company privacy policies, how other states’ privacy laws compare to the CCPA, exceptions and penalties for violating the Act.
Read More ›
-
Cybersecurity Law & Strategy
As Hackers Get Smarter, Can Law Firms Keep Up?
Christine Simmons and Xiumei Dong
“It’s Not the Hardware You Worry About, It’s the Mistake That Someone Makes That Inadvertently Gives a Bad Actor Access.”
The legal industry has poured significant resources into cybersecurity, leading to huge leaps in progress in the last decade. But there are areas where large and small law firms can do much better in preventing and reacting to data breaches, and the legal sector may risk falling behind other industries. That’s partly because hackers are learning how to circumvent law firm security systems, leading to a continuous game of cat and mouse.
Read More ›
-
Cybersecurity Law & Strategy
New Study Shows Which States Lead in Privacy Protection Laws
Sue Reisinger
General counsel who navigate the mishmash of state privacy laws may relate to a new study showing that individual U.S. states’ privacy statutes are spread across a broad spectrum.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Crisis Control: Best Practices for Emergency E-Discovery and Incident Response
Andrew Johnston
A set of steps and best practices that legal teams can follow to ensure thorough and efficient handling of e-discovery in crisis situations.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: A Closer Look At 3 Summer Cases Concerning Lost Data
Mike Hamilton
Summer 2019 put some interesting case law into the books. We’ll take a look at three cases having to do with lost data and whether spoliation sanctions were levied.
Read More ›
-
Entertainment Law & Finance
Security Worries for Online Video Game Companies
Victoria Hudgins
Fortnite video game developer Epic Games Inc. isn’t just dodging digital adversaries — now it’s been slammed with a class action lawsuit over a data breach.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask — 100 Days Out
Alan L. Friel
Part One of a Two-Part Article
Responses to questions businesses frequently ask about the impacts of the CCPA. Implementation challenges inevitably will arise as a company works to apply these new requirements to its business practices. The time is now to start preparing for the CCPA, as well as for other new U.S. privacy laws that are likely to follow.
Read More ›
-
Cybersecurity Law & Strategy
Increasing Client Requirements: Securing Law Firms for the 21st Century
Debra Gray
Gone are the days of “basic security.” What used to be optional is now standard: two factor authentication, complex passwords, clean desk policies, data encryption at rest and in transit, mobile device management and up-to-the-minute patching. Clients expect these items to already be in place and are further expanding their expectations.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity False Claims Act Cases: The Next Frontier
Andrew Mohr and C. Kelly Kroll
A new wave of False Claims Act cases is crashing ashore. Based on the federal government’s inclusion of toughened cybersecurity requirements for government contractors, numerous FCA cases will undoubtedly be filed and litigated in coming years against prime contractors and their major subcontractors for allegedly failing to comply with their contractual cybersecurity obligations.
Read More ›
