Blog Posts Tagged with "Liability"
November 14, 2012 Added by:Jayson Wylie
One of the latest publicly known Government Data Breaches has incurred yet another lawsuit for the people by the people’s lawyers. Monetary and punitive damages that can be incurred through Personal Identifiable Information (PII) loss resulting in fraud or victimization...
October 03, 2012 Added by:Ben Rothke
Social media makes it easy for organizations to find and retain customers and increase sales, amongst many other benefits. At the same time, it can expose an organization to significant and highly-expensive legal risks and issues, and find themselves at the receiving end of a subpoena...
August 23, 2012 Added by:Thomas Fox
Unlike the insurance industry, which helps companies manage risks through financial instruments, risk management attempts to avoid or at least control risk. The next time you hear the mindless prattle of “but we’ve always done it that way”, get some ideas on how to change your company’s compliance culture...
August 15, 2012 Added by:Rafal Los
Does it make sense to repurpose "security awareness" to be inclusive of corporate and personal responsibility? Should we have users sign agreements that make them aware they are responsible, personally, when bad things happen as a result of their actions? Should there be HR actions against users who are reckless?
August 06, 2012 Added by:David Navetta
The Holmes decision further underscores difficulties in securing any recovery on a data breach lawsuit absent actual identity theft. However, the lengthy history of this case — dating back to 2008 including a challenge to a Court approved settlement — highlights that such cases are protracted and costly to defend...
July 17, 2012 Added by:Megan Berry
Legal fees, clean-up costs, lost business and damage to an organization’s reputation: consequences of a business being hit with a data breach. Cost can be significant, which is why it is critical to properly respond after a data breach...
July 11, 2012 Added by:Rafal Los
The challenges of dealing with a completely connected, ubiquitously computable world are that data can be moved, stored, and used anywhere and that the infrastructure that moves that data around is less and less under your control. That's an interesting thing for information security professionals...
June 26, 2012 Added by:David Navetta
Unfortunately, implementing a BYOD strategy and developing personal device use policies is not a one-size-fits-all cookie cutter exercise. In most cases significant privacy, security and legal challenges exist, and those challenges will vary depending on a multitude of factors that are specific to the organization...
June 21, 2012 Added by:Jayson Wylie
It does not seem like the top leaders at organizations are as concerned with others' information as they might be with the bottom line. If organizations do not respond to fear of embarrassment for failing at security, should we start taking them to court to formulate better consumer protections?
June 13, 2012 Added by:Bill Gerneglia
NDAs might include potential liability for unauthorized disclosure of protected personal information, privileged communications (such as lawyer-client or doctor-patient communications), national secrets, or the trade secrets of the company or business partner...
June 04, 2012 Added by:Bill Gerneglia
Beyond managing regulations and liability, companies outsource their IT functions to third parties create infosec privacy and legal difficulties, including loss of control and challenges with enforcement. Risk and compliance obligations do not disappear when using a third-party service provider...
May 15, 2012 Added by:Jayson Wylie
I don’t want to see the main outcome of security and data breaches become lengthy litigation. If cloud security boils down to he who has the best law team, the direction of security will have an approach of least exposure to litigation versus Cyber threats. This does not settle with me as a valid security driver for improving security posture...
May 10, 2012 Added by:Bill Gerneglia
A common vocabulary is certainly emerging making dialog between counsel and technologists productive and effective. However, equally important is that lawyers engage their client’s technology team in dialog on e-discovery issues because when counsel fails, the fall out can be costly...
May 09, 2012 Added by:Jayson Wylie
Cloud security threats can come from the lack of designed and implemented security by the provider. This may be intentional or not but the lack of oversight or negligence in this area can potentially cause disputes over the difference of control versus accountability...
April 26, 2012 Added by:David Navetta
The attenuated nature of online relationships creates an opportunity for criminals to steal or spoof online identities and use them for monetary gain. The ability of one party to authenticate the identity of the other party in an online transaction is of key importance...
April 24, 2012 Added by:David Navetta
Some organizations believe that BYOD will allow them to avoid significant costs. Other companies believe that company data on personal devices is inevitable. Unfortunately, BYOD raises significant data security concerns which can lead to potential legal risk...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013