Data Integrity and Incident Response
December 01, 2017
The skill required to successfully exfiltrate 143 million records is certainly sufficient to successfully attack the integrity of that very same data. It is generally accepted that cyber criminals have not performed integrity attacks because there is a minimal profit motive: Records have a black-market value; in integrity attacks, there is no deliverable that can be sold. This paradigm may be shifting.
Uber In-House Attorney Out Behind Massive Cyberattack That Went Undisclosed
December 01, 2017
<b><i>The Company Failed to Notify 57 Million Users of a Breach In October 2016. Two Employees Tasked with Handling the Response Process Have Left the Company, Including Uber In-House Attorney Craig Clark, Who Reported to the Company's Chief Security Officer.</b></i><p>Uber Technologies Inc. failed to notify 57 million users that their data was exposed in a breach, according to a company blog post published on November 21, which was confirmed by a source close to the matter.
Five Smart Steps to Prepare for GDPR Data Subject Rights
December 01, 2017
Many corporations around the globe are preparing for May 2018, when Europe's General Data Protection Regulation (GDPR) enforcement kicks in. The regulation encompasses a wide range of nuanced privacy requirements that can be challenging to operationalize. In particular, requirements around the rights of European data subjects — which include the right to be forgotten and rights to access, rectification and objection to processing — will be some of the most difficult to address.
What Lies Beneath the Surface: The Dark Web
December 01, 2017
Nearly all of us access the World Wide Web on at least a daily basis. Yet for many of us, there is a fundamental lack of knowledge about the basic structure of the Internet and the way its different levels interact. This article provides a basic outline of the structure of the Web and some insight as to the purpose for and content housed on each level, as well as give some practical tips to avoid your company's data from ending up on the Dark Web.
Wave of Sexual Misconduct Claims Warrants Looks at Confidentiality, Nondisclosure Agreements
December 01, 2017
Companies try to protect their reputations from executives who have "gone wild" by including moral turpitude clauses as a basis to terminate executives for cause under their employment agreements. Similarly, in the context of employment disputes, companies try to protect themselves through the use of non-disclosure, non-disparagement and confidentiality provisions in settlement agreements.
Social Media: Questions of Admissibility and Ethics
December 01, 2017
<b><i>Part Two of a Two-Part Article</i></b><p>Social media evidence can be acquired both informally — through an attorney's own investigation or from the client — or more formally through the use of discovery and the rules of discovery. While each gives rise to practical and ethical issues, this article focuses on informal methods of acquisition.
Security First Approach Provides a Significant Advantage to Law Firms
December 01, 2017
Security first is a holistic approach that views security not as an information technology nuisance in need of tight cost-management controls, but as a competitive advantage to differentiation from traditional business offerings. Here's what you need to know.
Podcast: Phishing
November 02, 2017
Phishing is one of the more pervasive cyber attacks in the world, and while we've all received phishing emails, phishing attacks have become more sophisticated and come in different forms other than emails from Persian princes.
