Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Understanding third-party service provider relationships and the security risks they present to any organization is an essential element of cybersecurity planning. Bad actors continue to exploit the risks presented by third-party service providers that maintain access to corporate-owned information systems. Over the last several years, companies have found themselves the victim of costly and high profile data breaches occurring as a result of a third-party service provider's security failures. See, e.g., In re Target Corp. Data Sec. Breach Litig., 66 F. Supp. 3d 1154 (D. Minn. 2014); In re: The Home Depot, Inc., Customer Data Sec. Breach Litig., No. 1:14-MD-2583-TWT, 2016 WL 2897520, at 1 (N.D. Ga. May 18, 2016).
In an era of ubiquitous data collection, reliance on these third parties for virtually all aspects of the business' technical operations has become standard operating procedure for many companies. At times, this reliance makes sense, as the provider may be better positioned to reduce risk in providing this service. To that end, the client must ensure it has the oversight capability to ensure the provider is successfully managing risk.
Identifying third-party service provider relationships and evaluating the risks they present requires careful planning and organization on the part of the business. Strong information governance and security controls for the evaluation of third-party service providers are required to manage risk effectively and, with increasing frequency, to comply with the legal expectations. Strong contractual protections with third-party service providers are also essential. For organizations that desire to formalize such processes, there are useful resources and guidance available to achieve these objectives.
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.
The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.
With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
Possession of real property is a matter of physical fact. Having the right or legal entitlement to possession is not "possession," possession is "the fact of having or holding property in one's power." That power means having physical dominion and control over the property.
UCC Sections 9406(d) and 9408(a) are one of the most powerful, yet least understood, sections of the Uniform Commercial Code. On their face, they appear to override anti-assignment provisions in agreements that would limit the grant of a security interest. But do these sections really work?