Colorado recently adopted a new law expanding companies' obligations in the event of a cybersecurity incident, and establishing new data security and disposal obligations. Recent announcements by the SEC likewise emphasize important responsive points for both companies and their personnel in the wake of an incident. Five key takeaways from these developments are highlighted in this article.
Critical to any counsel working to prevent a cyber attack or respond to a successful cyber intrusion is an understanding of why and how to properly utilize both attorney-client and work-product privilege.
Despite some potential problems with widespread use of Gmail's 'confidential mode,' the new ephemeral messaging function can be easily managed from an information governance perspective.
The costs of litigation increase with ever more potentially responsive data, litigation technology options, and a truly global reach in the context of much litigation. In response, law firms must continue to consider viable approaches to broaching discussions surrounding the recovery of these costs both within the firm and, more importantly, with law firm clients.
This article focuses on the unique issues that arise in a specific but increasingly common scenario: when your client is the victim of a cybercrime.
Whatever direction we went with our IT, we wanted to make sure we would be following the absolute best practices from a security perspective. I needed to know that our data would be safe, secure, as well as fully backed up in case something went wrong.
The new technology offering from Thomson Reuters features a retooled warning system for questionable law, an expanded litigation analytics offering, and more.
While many business owners and executives understand that a data security problem/need exists, they do not have a baseline fluency in the concepts and alphabet soup that comprise the language of digital information security. To this extent, Chris Moschovitis' new book is an effective cybersecurity primer for the management community.
In a nutshell, GDPR mandates that individuals have access and control over the use and maintenance of their data in certain circumstances, while the foundation of blockchain relies on the immutability of data. On the surface, these concepts seem in direct conflict with each other. This article discusses the points where GDPR and blockchain share common ground, where conflicts may exist and possible approaches for mitigating those conflicts.
At both a personal and corporate level, there are huge gains to be made in protecting against data breaches. The fact is that well-implemented client-side encryption — where the corporate user keeps their own key rather than entrusting a third party to guard their sensitive information — is the only sure way to guarantee data privacy when storing data on other people's servers.
