Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Category Archives: IT Industry

Cyber Pain Points: Failure to get buy-in for Incident Response Plan (IRP) in the top 10!

Posted in Cyber, IT Industry
A recent report indicated that IRPs “are frequently developed from within departmental silos, for example, within the organization’s IT security function, and do not address the considerations of business units or cross functional areas needed to coordinate and operate together during a response. This not only leads to an uncoordinated response effort, but discourages buy-in… Continue Reading

HIPAA penalty of $5.5 million seems like a lot, but it’s only $1.375 per patient!

Posted in Cyber, IT Industry
With 4 million patient records exposed, this was the largest fine to date for breach of ePHI (electronic Protected Health Information) which included “demographic information, clinical information, health insurance information, patient names, addresses, credit card numbers and their expiration dates, and dates of birth.”  On August 4, 2016 the U.S. Department of Health and Human… Continue Reading

The 10 Commandments of Internet Ethics

Posted in eCommerce, IT Industry
When reading Wikipedia’s 1992 Ten Commandments of Computer Ethics you can easily substitute “Internet” for “computer” and it’s amazing what you see. For example, the 1st Commandment: “You shall not use the Internet to harm other people.”  Here are all Ten Commandments of Internet Ethics (with my minor edits): You shall not use the Internet… Continue Reading

Cybercriminal data breaches in Healthcare may exceed a whopping $6.2 billion!

Posted in Cyber, eCommerce, IT Industry
Ponemon reported that “over the past two years the average cost of a data breach for healthcare organizations is estimated to be more than $2.2 million. No healthcare organization, regardless of size, is immune from data breach.”  The “Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data” study included this alarming information about… Continue Reading

Unencrypted PHI (Protected Health Information) on iPhone leads to $650,000 HIPAA penalty!

Posted in eCommerce, Internet Privacy, IT Industry
The HIPAA violation, in violation of a Business Associate Agreement (BAA), resulted from extensive PHI on an iPhone which “included social security numbers, information regarding diagnosis and treatment, medical procedures, names of family members and legal guardians, and medication information” according to a recent report from the Office for Civil Rights (OCR) of U.S. Department… Continue Reading

Do you trust the government to set morals for AI (Artificial Intelligence) to drive cars?

Posted in eCommerce, IT Industry
The New York Times’ article about the morality of AI auto driving decisions may be based on  “government requirements for autonomous car morality might be one way to go, though the people surveyed in the Science article say they are not keen on that. Manufacturers could also tailor morality to a buyer’s choice.” The June… Continue Reading

Experienced outside counsel should be part of your Incident Response Plan (IRP) for cyber intrusions!

Posted in Cyber, eCommerce, IT Industry
Darkreading recommended that an IR team should include “outside legal counsel that possess specialized experience in cybersecurity and data breach responses” and key stakeholders from all applicable areas of the organization, such as Legal, HR, Executive Management, PR/Communications, Information Technology”…as well as third party vendors.  The June 7, 2016 report entitled “How To Prepare For… Continue Reading

Report of 50 cyber breaches since 2011 leads Congress to investigate cybersecurity at the Federal Reserve!

Posted in Cyber, eCommerce, IT Industry
Following a report about cybersecurity breaches by Reuters, the House Committee on Science, Space and Technology sent a letter to Fed Chair Janet Yellen that these “reports raise serious concerns about the Federal Reserve’s cyber security posture, including its ability to prevent threats from compromising highly sensitive financial information housed on the agency’s systems.”  The… Continue Reading

Cyber security & cooperation improves with elimination of IT network silos!

Posted in Cyber, IT Industry
A recent IT network report indicated that “Top-tier organizations are also much less tolerant of silos – either in their tools or in their teams”  and “are four times as likely to invest in machine-readable threat intelligence.” The 2016 Network Protection Survey from Infoblox reported the “estimate the cost of a typical unplanned network outage… Continue Reading

13 critical questions about Service Level Agreements (SLAs) to ask your cloud provider

Posted in IT Industry
All cloud customers should ask their cloud providers critical questions about the SLAs which describe the performance standards they think they are signing up for.  However customers may want to reconsider which cloud provider they should use if the cloud provider doesn’t give good answers to these SLA questions offered by Jamie Tischart (Intel’s CTO… Continue Reading

IT administrator with ‘keys to the kingdom’ indicted for hacking former employer

Posted in Cyber, eCommerce, Internet Privacy, IT Industry
With a trial set for June 28, 2016 and a possible sentence of 20 years in prison for hacking, the US Attorney commented about the indictment that “IT administrators often hold the ‘keys to the kingdom’ for companies, … Disgruntled IT administrators can therefore pose a grave threat to businesses, which must take measures to protect themselves when… Continue Reading

Cybersecurity Alert: monetization of malware is one of the 7 biggest threats!

Posted in Cyber, eCommerce, IT Industry
There’s no substitute for training employees to avoid opening obviously suspect email and attachments, and HP Enterprise (HPE) issued a report which disclosed “a continued rise in attackers’ success at infiltrating enterprise networks” and as a result “defenders must accelerate their approach to detection, protection, response, and recovery.”  The HPE report entitled “Security Research Cyber… Continue Reading

More advice on how to avoid Ransomware – verify & test disaster recovery backup!

Posted in Cyber, eCommerce, IT Industry
It’s one thing to back up data, and another to verify the backup was a success, but you also should test restoring backup data so you can “fix the issues before data gremlins such as hard drive failures, natural disasters, or ransomware delete your” data and intellectual property according to the article “How to review and… Continue Reading

Read your Cyberinsurance policies closely since they may not cover your losses!

Posted in Cyber, IT Industry
Everyone needs to review their cyberinsurance policies following the December 2015 “multi-billion dollar loss after hackers cut electric power to more than 80,000 Ukrainians last month,” Reuters reported that many publicly-traded utility companies “have warned of their exposure to cyber risks in their most recent annual reports to securities regulators, and that their insurance coverage… Continue Reading

eDiscovery Advice to IT – be on high alert to protect electronic evidence under “Legal Hold”!

Posted in E-Discovery, IT Industry
The concept of “Legal Hold” is not new in the least: long before anyone ever thought about electronic evidence (Electronically Stored Information, ESI), once a party became aware of potential litigation it had a duty to protect all relevant evidence, like paper documents.  So it comes as no surprise that an in recent IT… Continue Reading

Phishing is in the Top Ten Cyberthreats

Posted in Cyber, eCommerce, IT Industry
Neustar Engineering reported that there are millions of phishing emails every day since most “email servers don’t actually block email that may be spoofed and may even fail authentication at some level.” The August 20, 2015 blog entitled “Ten Cyberthreats Outside the Firewall” included the following comments about phishing and about the importance of training… Continue Reading

Cyber Risk Lessons Learned about Information Security

Posted in Cyber, IT Industry
After more than 50 data security settlement agreements with various companies, the FTC (Federal Trade Commission) issued its Guide recommending that companies “consider security from the start assess their options and make reasonable choices based on the nature of their business and the sensitivity of the information involved.”  The “Start with Security: A Guide… Continue Reading

Cyber Intrusion Responsibility Shared by General Counsel & IT

Posted in Cyber, eCommerce, IT Industry
It is imperative that General Counsel learn IT technology and lingo, and that IT learn legal jargon, given that a recent survey identified that in almost 450 companies 31% rely on IT and 21% rely on General Counsel to be primarily responsible for assuring legal compliance when cyber intrusion occurs. Zurich sponsored Advisen’s recent white paper entitled… Continue Reading

Alert to All Lawyers – Inevitable Data and IT Disasters May Destroy Client Files!

Posted in IT Industry
A recent report warned that lawyers have an “ethical and regulatory responsibility to protect your client’s confidential information, it is imperative that you have a plan in place to protect your data from loss, corruption or theft.”  Abacus Data Systems issued its report entitled “10 Critical Disaster Planning Essentials for Your Law Firm” which included… Continue Reading