Blog Posts Tagged with "Liability"

54a9b7b662bfb0f0445d1661d7ed180b

Suing our way to Better Security... Redux

November 14, 2012 Added by:Jayson Wylie

One of the latest publicly known Government Data Breaches has incurred yet another lawsuit for the people by the people’s lawyers. Monetary and punitive damages that can be incurred through Personal Identifiable Information (PII) loss resulting in fraud or victimization...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Navigating Social Media Legal Risks: Safeguarding Your Business

October 03, 2012 Added by:Ben Rothke

Social media makes it easy for organizations to find and retain customers and increase sales, amongst many other benefits. At the same time, it can expose an organization to significant and highly-expensive legal risks and issues, and find themselves at the receiving end of a subpoena...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

How Do You Change to a Culture of Compliance?

August 23, 2012 Added by:Thomas Fox

Unlike the insurance industry, which helps companies manage risks through financial instruments, risk management attempts to avoid or at least control risk. The next time you hear the mindless prattle of “but we’ve always done it that way”, get some ideas on how to change your company’s compliance culture...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Relating Responsibility and Liability: At the Core of BYOD

August 15, 2012 Added by:Rafal Los

Does it make sense to repurpose "security awareness" to be inclusive of corporate and personal responsibility? Should we have users sign agreements that make them aware they are responsible, personally, when bad things happen as a result of their actions? Should there be HR actions against users who are reckless?

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Court Dismissed Another Data Breach Suit

August 06, 2012 Added by:David Navetta

The Holmes decision further underscores difficulties in securing any recovery on a data breach lawsuit absent actual identity theft. However, the lengthy history of this case — dating back to 2008 including a challenge to a Court approved settlement — highlights that such cases are protracted and costly to defend...

Comments  (0)

02a6d0efd54c7388e26f125d8df83671

Notifying Customers About a Data Breach: Five Rules

July 17, 2012 Added by:Megan Berry

Legal fees, clean-up costs, lost business and damage to an organization’s reputation: consequences of a business being hit with a data breach. Cost can be significant, which is why it is critical to properly respond after a data breach...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud: Breaking Laws You Didn't Know Applied

July 11, 2012 Added by:Rafal Los

The challenges of dealing with a completely connected, ubiquitously computable world are that data can be moved, stored, and used anywhere and that the infrastructure that moves that data around is less and less under your control. That's an interesting thing for information security professionals...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Legal Implications of BYOD Part II: Preparing Use Policies

June 26, 2012 Added by:David Navetta

Unfortunately, implementing a BYOD strategy and developing personal device use policies is not a one-size-fits-all cookie cutter exercise. In most cases significant privacy, security and legal challenges exist, and those challenges will vary depending on a multitude of factors that are specific to the organization...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Suing Our Way to Better Security?

June 21, 2012 Added by:Jayson Wylie

It does not seem like the top leaders at organizations are as concerned with others' information as they might be with the bottom line. If organizations do not respond to fear of embarrassment for failing at security, should we start taking them to court to formulate better consumer protections?

Comments  (7)

44fa7dab2a22dc03b6a1de4a35b7834a

Contracts and Information Security Part 2: NDAs

June 13, 2012 Added by:Bill Gerneglia

NDAs might include potential liability for unauthorized disclosure of protected personal information, privileged communications (such as lawyer-client or doctor-patient communications), national secrets, or the trade secrets of the company or business partner...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

Contracts and Information Security Part 1: Outsourcing

June 04, 2012 Added by:Bill Gerneglia

Beyond managing regulations and liability, companies outsource their IT functions to third parties create infosec privacy and legal difficulties, including loss of control and challenges with enforcement. Risk and compliance obligations do not disappear when using a third-party service provider...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Where Will the Buck Stop in Cloud Security?

May 15, 2012 Added by:Jayson Wylie

I don’t want to see the main outcome of security and data breaches become lengthy litigation. If cloud security boils down to he who has the best law team, the direction of security will have an approach of least exposure to litigation versus Cyber threats. This does not settle with me as a valid security driver for improving security posture...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

Communication is King in E-Discovery Matters

May 10, 2012 Added by:Bill Gerneglia

A common vocabulary is certainly emerging making dialog between counsel and technologists productive and effective. However, equally important is that lawyers engage their client’s technology team in dialog on e-discovery issues because when counsel fails, the fall out can be costly...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Is Cloud Security in the Clouds?

May 09, 2012 Added by:Jayson Wylie

Cloud security threats can come from the lack of designed and implemented security by the provider. This may be intentional or not but the lack of oversight or negligence in this area can potentially cause disputes over the difference of control versus accountability...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Duty to Authenticate Identity: Online Banking Breach Lawsuits

April 26, 2012 Added by:David Navetta

The attenuated nature of online relationships creates an opportunity for criminals to steal or spoof online identities and use them for monetary gain. The ability of one party to authenticate the identity of the other party in an online transaction is of key importance...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

The Security, Privacy and Legal Implications of BYOD

April 24, 2012 Added by:David Navetta

Some organizations believe that BYOD will allow them to avoid significant costs. Other companies believe that company data on personal devices is inevitable. Unfortunately, BYOD raises significant data security concerns which can lead to potential legal risk...

Comments  (0)

Page « < 1 - 2 > »
Most Liked