Blog Posts Tagged with "Liability"
Suing our way to Better Security... Redux
November 14, 2012 Added by:Jayson Wylie
One of the latest publicly known Government Data Breaches has incurred yet another lawsuit for the people by the people’s lawyers. Monetary and punitive damages that can be incurred through Personal Identifiable Information (PII) loss resulting in fraud or victimization...
Comments (0)
Navigating Social Media Legal Risks: Safeguarding Your Business
October 03, 2012 Added by:Ben Rothke
Social media makes it easy for organizations to find and retain customers and increase sales, amongst many other benefits. At the same time, it can expose an organization to significant and highly-expensive legal risks and issues, and find themselves at the receiving end of a subpoena...
Comments (0)
How Do You Change to a Culture of Compliance?
August 23, 2012 Added by:Thomas Fox
Unlike the insurance industry, which helps companies manage risks through financial instruments, risk management attempts to avoid or at least control risk. The next time you hear the mindless prattle of “but we’ve always done it that way”, get some ideas on how to change your company’s compliance culture...
Comments (0)
Relating Responsibility and Liability: At the Core of BYOD
August 15, 2012 Added by:Rafal Los
Does it make sense to repurpose "security awareness" to be inclusive of corporate and personal responsibility? Should we have users sign agreements that make them aware they are responsible, personally, when bad things happen as a result of their actions? Should there be HR actions against users who are reckless?
Comments (0)
Court Dismissed Another Data Breach Suit
August 06, 2012 Added by:David Navetta
The Holmes decision further underscores difficulties in securing any recovery on a data breach lawsuit absent actual identity theft. However, the lengthy history of this case — dating back to 2008 including a challenge to a Court approved settlement — highlights that such cases are protracted and costly to defend...
Comments (0)
Notifying Customers About a Data Breach: Five Rules
July 17, 2012 Added by:Megan Berry
Legal fees, clean-up costs, lost business and damage to an organization’s reputation: consequences of a business being hit with a data breach. Cost can be significant, which is why it is critical to properly respond after a data breach...
Comments (0)
The Patchwork Cloud: Breaking Laws You Didn't Know Applied
July 11, 2012 Added by:Rafal Los
The challenges of dealing with a completely connected, ubiquitously computable world are that data can be moved, stored, and used anywhere and that the infrastructure that moves that data around is less and less under your control. That's an interesting thing for information security professionals...
Comments (0)
Legal Implications of BYOD Part II: Preparing Use Policies
June 26, 2012 Added by:David Navetta
Unfortunately, implementing a BYOD strategy and developing personal device use policies is not a one-size-fits-all cookie cutter exercise. In most cases significant privacy, security and legal challenges exist, and those challenges will vary depending on a multitude of factors that are specific to the organization...
Comments (0)
Suing Our Way to Better Security?
June 21, 2012 Added by:Jayson Wylie
It does not seem like the top leaders at organizations are as concerned with others' information as they might be with the bottom line. If organizations do not respond to fear of embarrassment for failing at security, should we start taking them to court to formulate better consumer protections?
Comments (7)
Contracts and Information Security Part 2: NDAs
June 13, 2012 Added by:Bill Gerneglia
NDAs might include potential liability for unauthorized disclosure of protected personal information, privileged communications (such as lawyer-client or doctor-patient communications), national secrets, or the trade secrets of the company or business partner...
Comments (0)
Contracts and Information Security Part 1: Outsourcing
June 04, 2012 Added by:Bill Gerneglia
Beyond managing regulations and liability, companies outsource their IT functions to third parties create infosec privacy and legal difficulties, including loss of control and challenges with enforcement. Risk and compliance obligations do not disappear when using a third-party service provider...
Comments (0)
Where Will the Buck Stop in Cloud Security?
May 15, 2012 Added by:Jayson Wylie
I don’t want to see the main outcome of security and data breaches become lengthy litigation. If cloud security boils down to he who has the best law team, the direction of security will have an approach of least exposure to litigation versus Cyber threats. This does not settle with me as a valid security driver for improving security posture...
Comments (0)
Communication is King in E-Discovery Matters
May 10, 2012 Added by:Bill Gerneglia
A common vocabulary is certainly emerging making dialog between counsel and technologists productive and effective. However, equally important is that lawyers engage their client’s technology team in dialog on e-discovery issues because when counsel fails, the fall out can be costly...
Comments (0)
Is Cloud Security in the Clouds?
May 09, 2012 Added by:Jayson Wylie
Cloud security threats can come from the lack of designed and implemented security by the provider. This may be intentional or not but the lack of oversight or negligence in this area can potentially cause disputes over the difference of control versus accountability...
Comments (0)
Duty to Authenticate Identity: Online Banking Breach Lawsuits
April 26, 2012 Added by:David Navetta
The attenuated nature of online relationships creates an opportunity for criminals to steal or spoof online identities and use them for monetary gain. The ability of one party to authenticate the identity of the other party in an online transaction is of key importance...
Comments (0)
The Security, Privacy and Legal Implications of BYOD
April 24, 2012 Added by:David Navetta
Some organizations believe that BYOD will allow them to avoid significant costs. Other companies believe that company data on personal devices is inevitable. Unfortunately, BYOD raises significant data security concerns which can lead to potential legal risk...
Comments (0)
- SecurityWeek Names Ryan Naraine as Editor-at-Large
- Why Cyber Security Should Be at the Top of Your Christmas List
- United States Federal Government’s Shift to Identity-Centric Security
- How Extreme Weather Will Create Chaos on Infrastructure
- BSIMM11 Observes the Cutting Edge of Software Security Initiatives
- Sustaining Video Collaboration Through End-to-End Encryption
- Will Robo-Helpers Help Themselves to Your Data?
- Securing the Hybrid Workforce Begins with Three Crucial Steps
- A New Strategy for DDoS Protection: Log Analysis on Steroids
- COVID-19 Aside, Data Protection Regulations March Ahead: What To Consider