Legal
FTC Takes on Super Cookies
December 06, 2011 Added by:David Navetta
The FTC is an increasingly nimble enforcer, with ever shorter news story-to-enforcement action cycles. This approach is consistent with the FTC's stated commitment to take enforcement actions in the areas where the agency believes there is significant non-compliance...
Comments (0)
Digital Forensics for Legal Professionals
November 30, 2011 Added by:Ben Rothke
The book provides the reader with a high-level overview of all of the fundamental areas around digital forensics, from how the legal system works, selecting an expert witness, evidence, to storage media, records/logging, call records and more...
Comments (0)
Implementing or Enhancing a Compliance Program
November 29, 2011 Added by:Thomas Fox
Many companies are still in the infancy of creating their compliance programs with their General Counsel or perhaps hiring an initial Compliance Officer. This person or persons may be somewhat overwhelmed about how to even get started...
Comments (0)
The Compliance Function in Pre-Acquisition Due Diligence
November 14, 2011 Added by:Thomas Fox
Admittedly, the time during any due diligence for an assessment of compliance is limited. This may well lead to a purchasing entity completing a transaction with unknown compliance risks in place. This can have several negative consequences, including successor liability...
Comments (0)
Seven Deadly Sins for a Compliance Program
November 11, 2011 Added by:Thomas Fox
Feldman’s seven deadly mistakes provide an excellent framework for any company to assess their overall compliance program from a high level. While perhaps not rising to the level of “sins”, the answers will allow the compliance practitioner to be ready to respond if the DoJ comes a calling...
Comments (0)
The Legal Implications of Social Networking Part Two
November 08, 2011 Added by:David Navetta
As social media and networking continue to revolutionize modern-day marketing and become the norm for organizations of all types, shapes and sizes, it is even more important to adequately address the legal risks associated with social media use...
Comments (0)
NYSBA Releases E-Discovery Best Practices Guidelines
November 04, 2011 Added by:Headlines
The guidelines are organized in a systematic fashion covering topics applicable to electronically stored information before, during and after e-discovery has occurred and includes coverage of legal holds, adequate preservation, investigations, duty to preserve, inadvertent alteration...
Comments (0)
Compliance: Telling the Board What it Needs to Know
November 03, 2011 Added by:Thomas Fox
In an article entitled “Telling Your Board What it Needs to Hear”, author Arielle Bikard discusses the views of Pfizer Inc’s Chief Compliance Officer (CCO), Douglas Lankler, on how he keeps the Pfizer Board of Directors up to date on compliance issues...
Comments (1)
NIST Releases Final Definition of Cloud Computing
November 03, 2011 Added by:David Navetta
NIST intends the definition "to serve as a means for broad comparisons of cloud services and deployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing..."
Comments (0)
SEC Issues Guidance on Security Incident Disclosure
October 31, 2011 Added by:David Navetta
What the guidance document does stress, however, is process and risk assessment. One read of this guidance is that companies internally are going to have to more carefully forecast and estimate the impact of cyber incidents and the consequences of failing to implement adequate security...
Comments (0)
Latest Data Breach Costs Could Exceed $5 Billion
October 31, 2011 Added by:Brian Dean
It is recommended that organizations receiving PII become intimately familiar with all of the applicable security requirements for their industry in order to understand minimum protection requirements, industry best practices, as well as the consequences of noncompliance...
Comments (0)
Emerging Companies Can Delay SOX Compliance
October 24, 2011 Added by:Headlines
New companies with a market capitalization under USD 1 billion will now be able to opt-out of regulations within section 404 of the Sarbanes-Oxley (SOX) Act for the first ten years after going public. This option was previously available to companies under USD 75 million...
Comments (0)
Lean Knowledge Principles and Compliance Programs
October 24, 2011 Added by:Thomas Fox
The lean approach can be used in many of the process steps where documentation is the key. The discretion and expertise brought to bear in compliance programs can then be overlaid on this system. This approach can help a compliance department deliver a more robust compliance product...
Comments (0)
How Social Media Impacts Your Compliance Program
October 02, 2011 Added by:Thomas Fox
In a September 26, 2011 article in Forbes magazine, titled “Social Power and the Coming Corporate Revolution”, author David Kirkpatrick argues that the social media revolution has so empowered employees and customers that they will soon be calling the shots, not management...
Comments (0)
Legal Consequences of Breaches to Security and Privacy
October 01, 2011 Added by:Craig S Wright
Intermediaries have the ability to stop transgressions on the Web now, but the lack of clear direction and potential liability associated with action remains insufficient to modify behavior. In the face of tortuous liability, the economic impact of inaction is unlikely to lead to change...
Comments (0)
FTC Proposes Revisions to COPPA Rule
September 30, 2011 Added by:David Navetta
The proposed amendments would modify the Rule in five areas: definitions, parental notice, parental consent mechanisms, confidentiality and security of children’s personal information, and safe harbor programs. Each may have a significant impact on a company’s current online practices...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)