Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Three Lessons for a Proactive Approach To Cybersecurity

By Jason Straight
August 02, 2015

Do you know where your client's or organization's data is? It's not a rhetorical question ' it's a serious issue that should be at the core of any cybersecurity assessment. Many IT and security departments may have all sorts of sophisticated tools and processes for securing data in-house, but what about service providers who have access to the network? What about outside law firms handling the data on their own premises or in the cloud? And what about the vendors that those firms use?

Cybersecurity has been elevated to a top priority in today's corporate boardrooms, as news of major data breaches has become commonplace over the last few years. The scope of some of those breaches has reached catastrophic proportions, and recent discoveries illustrate the systematic approach of hackers' third-party vendor attack strategy.

For instance, in a recent article renowned cybersecurity expert and journalist Brian Krebs analyzed the successful attack patterns on several large organizations. See, “Catching Up on the OPM Breach,” Krebs on Security. Since July 2014, Chinese hackers have breached and stolen data from the U.S. Office of Personnel Management (OPM) and its third-party vendors. First they targeted OPM's background check provider USIS; then after OPM replaced that provider, hackers breached the new background check provider, Keypoint ' apparently to capture data on federal employees applying for security clearance. Then came the Anthem breach; shortly thereafter were the lesser-known breaches of two Blue Cross subsidiaries that happen to serve federal employees.

Read These Next
Major Differences In UK, U.S. Copyright Laws Image

This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

Legal Possession: What Does It Mean? Image

Possession of real property is a matter of physical fact. Having the right or legal entitlement to possession is not "possession," possession is "the fact of having or holding property in one's power." That power means having physical dominion and control over the property.

The Anti-Assignment Override Provisions Image

UCC Sections 9406(d) and 9408(a) are one of the most powerful, yet least understood, sections of the Uniform Commercial Code. On their face, they appear to override anti-assignment provisions in agreements that would limit the grant of a security interest. But do these sections really work?