Category Archives: IT Industry


Experienced outside counsel should be part of your Incident Response Plan (IRP) for cyber intrusions!

Darkreading recommended that an IR team should include “outside legal counsel that possess specialized experience in cybersecurity and data breach responses” and key stakeholders from all applicable areas of the organization, such as Legal, HR, Executive Management, PR/Communications, Information Technology”…as well as third party vendors.  The June 7, 2016 report entitled “How To Prepare For … Continue reading this entry

Report of 50 cyber breaches since 2011 leads Congress to investigate cybersecurity at the Federal Reserve!

Following a report by Reuters about cybersecurity breaches, the House Committee on Science, Space and Technology sent a letter to Fed Chair Janet Yellen stating that these “reports raise serious concerns about the Federal Reserve’s cyber security posture, including its ability to prevent threats from compromising highly sensitive financial information housed on the agency’s systems.” The … Continue reading this entry

Cyber security & cooperation improves with elimination of IT network silos!

A recent IT network report indicated that “Top-tier organizations are also much less tolerant of silos – either in their tools or in their teams”  and “are four times as likely to invest in machine-readable threat intelligence.” The 2016 Network Protection Survey from Infoblox reported the “estimate the cost of a typical unplanned network outage … Continue reading this entry

Legal risk moved to 4th biggest cloud security concern!

A recent survey of 2,200 Information Security Community professionals indicated that concerns “about legal and regulatory compliance have seen the biggest gain, moving from the number 7 spot (24%) to number 4 (39%)” and that 49% believed that “one of the major barriers to cloud adoption is the fear of data loss and leakage.” The … Continue reading this entry

13 critical questions about Service Level Agreements (SLAs) to ask your cloud provider

All cloud customers should ask their cloud providers critical questions about the SLAs which describe the performance standards they think they are signing up for. However, customers may want to reconsider which cloud provider they should use if the cloud provider doesn’t give good answers to these SLA questions offered by Jamie Tischart (Intel’s CTO … Continue reading this entry

IT administrator with ‘keys to the kingdom’ indicted for hacking former employer

With a possible sentence of 20 years in prison for hacking and a trial set for June 28, 2016, the US Attorney commented about the indictment that “IT administrators often hold the ‘keys to the kingdom’ for companies, … Disgruntled IT administrators can therefore pose a grave threat to businesses, which must take measures to protect themselves when … Continue reading this entry

Cybersecurity Alert: monetization of malware is one of the 7 biggest threats!

There’s no substitute for training employees to avoid opening obviously suspect email and attachments, and HP Enterprise (HPE) issued a report which disclosed “a continued rise in attackers’ success at infiltrating enterprise networks” and as a result “defenders must accelerate their approach to detection, protection, response, and recovery.”  The HPE report entitled “Security Research Cyber … Continue reading this entry

More advice on how to avoid Ransomware – verify & test disaster recovery backup!

It’s one thing to back up data, and another to verify the backup was a success, but you also should test restoring backup data so you can “fix the issues before data gremlins such as hard drive failures, natural disasters, or ransomware delete your” data and intellectual property, according to the article “How to review and … Continue reading this entry

Read your Cyberinsurance policies closely since they may not cover your losses!

Everyone needs to review their cyberinsurance policies following the December 2015 “multi-billion dollar loss after hackers cut electric power to more than 80,000 Ukrainians last month,” Reuters reported that many publicly-traded utility companies “have warned of their exposure to cyber risks in their most recent annual reports to securities regulators, and that their insurance coverage … Continue reading this entry

eDiscovery Advice to IT – be on high alert to protect electronic evidence under “Legal Hold”!

The concept of “Legal Hold” is not new in the least. Long before anyone ever thought about electronic evidence (Electronically Stored Information - ESI), once a party became aware of potential litigation it had a duty to protect all relevant evidence, like paper documents. So it comes as no surprise that in a recent IT … Continue reading this entry

Can lawyers get smarter by using improved Artificial Intelligence (AI)?

Since I first learned about AI more than 40 years ago I was hoping that AI would help improve society, and when studying law I was hopeful that lawyers could use AI. Recent AI advancements may be the beginning of practical AI since it includes improved Internet search which clearly could help lawyers which … Continue reading this entry

Phishing is in the Top Ten Cyberthreats

Neustar Engineering reported that there are millions of phishing emails every day since most “email servers don’t actually block email that may be spoofed and may even fail authentication at some level.” The August 20, 2015 blog entitled “Ten Cyberthreats Outside the Firewall” included the following comments about phishing and about the importance of training … Continue reading this entry

Cyber Risk Lessons Learned about Information Security

After more than 50 data security settlement agreements with various companies, the FTC (Federal Trade Commission) issued its Guide recommending that companies “consider security from the start assess their options and make reasonable choices based on the nature of their business and the sensitivity of the information involved.” The “Start with Security: A Guide … Continue reading this entry

Cyber Intrusion Responsibility Shared by General Counsel & IT

It is imperative that General Counsel learn IT technology and lingo, and that IT learn legal jargon, given that a recent survey identified that in almost 450 companies 31% rely on IT and 21% rely on General Counsel to be primarily responsible for assuring legal compliance when cyber intrusion occurs. Zurich sponsored Advisen’s recent white paper entitled … Continue reading this entry

11 Things to Do Before Your Laptop (Cell or Tablet) Disappears

I paste business cards to all new laptops, iPhones, and iPads because maybe somebody will steal the device or I might just lose it, which is likely since Networkworld estimates “that a laptop is lost every 53 seconds.” The September 10, 2015 Networkworld report is entitled “10 things to do before you lose your … Continue reading this entry

Alert to All Lawyers - Inevitable Data and IT Disasters May Destroy Client Files!

A recent report warned that lawyers have an “ethical and regulatory responsibility to protect your client’s confidential information, it is imperative that you have a plan in place to protect your data from loss, corruption or theft.”  Abacus Data Systems issued its report entitled “10 Critical Disaster Planning Essentials for Your Law Firm” which included … Continue reading this entry

7 Reasons for You to Worry About eMail eDiscovery

eDiscovery is the monster that ate Cleveland and email is the most significant volume of ESI in eDiscovery, and IDC “estimates that as much as 60% of this business-critical information is stored in email and other electronic messaging tools” and as a result “email archives as they not only work to protect organizations from compliance and … Continue reading this entry

Court Rules No Cyberinsurance Coverage

Although not related to any cyberintrusion, a recent ruling related to cyber coverage involved a claim that the defendants “knowingly withheld this information and refused to turn it over” but the “policy covers errors, omissions, and negligent acts.” On May 11, 2015 US District Judge Ted Stewart (Utah) denied a motion for partial … Continue reading this entry

Are HIPAA Laws Effective? Must Not be Since Healthcare Cyberattacks Have Increased by 125% in the Past 5 Years!

I have always thought HIPAA (Health Insurance Portability and Accountability Act of 1996)  was a huge waste of time, money, and resources which was confirmed by a May 2015 Survey which estimates “that data breaches could be costing the industry $6 billion” and more “than 90 percent of healthcare organizations represented in this study had a … Continue reading this entry

Cyber IT Risk Wake Up Time for Board Members!

A former SEC Chair spoke at a Directors & Officers (D&O) insurance conference and said board members “should be knowledgeable about data inventories, where data is located and if it is protected, and use third-party services to test its safety” as reported by BusinessInsurance.com.  Mary L. Schapiro (SEC chairman from 2009-2012) currently serves on the … Continue reading this entry

GUEST BLOG: Finally! The Supreme Court Supports Trial Judges in Markman Rulings in Patents Cases

BARRY BARNETT GUEST BLOGGER Barry Barnett has been a Guest Blogger in the past, his Blawgletter provides great thoughts, and insights. I read his blogs regularly. Over the years Barry and I have had a number of cases together and he is an outstanding trial partner at Susman Godfrey. Clear Error Test Governs Review of … Continue reading this entry

Companies Slow to Get CyberInsurance Coverage Even as CyberAttacks Increase

A recent report showed a slight increase from 10% to 26% of companies with cyber insurance coverage between 2013 and 2014, and stated that most US companies are deficient in “keeping the data breach response plan up-to-date, conducting risk assessments of areas vulnerable to a breach, continuous monitoring of information systems to detect unusual and … Continue reading this entry

More Bad Cybersecurity News - Top-Tier Malware Regin Used for Spying Since 2008

Symantec reported the discovery of new malware named Regin whose main purpose “is intelligence gathering and it has been implicated in data collection operations against government organizations, infrastructure operators, businesses, academics, and private individuals.”  On November 24, 2014 Symantec issued a report entitled “Regin: Top-tier espionage tool enables stealthy surveillance” which is a “back door-type … Continue reading this entry