DOCSLIB.ORG

How Your Company Responds to an Incursion Into Your Corporate Or

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
How Your Company Responds to an Incursion Into Your Corporate Or How your company Equifax, Yahoo, Arby’s, Target, Home a cybersecurity insurance policy—and Depot, Deloitte, JPMorgan Chase, understand it. To guard against insur- responds to an incursion eBay, LinkedIn, Sony Pictures—it’s ance fraud, many policies will not allow into your corporate or a list of impressive companies that a company to claim the time employees seems to grow by the day. What do spend responding to an incident. customer data can mean they have in common? They all had Ask your insurance provider if it has the difference between to publicly announce data breaches a reporting template or instructions that put customers and their personal for how to validate and provide proof a disaster and a difficult information at risk. of services rendered. Knowing this PR problem. At Jabian, we are helping CEOs, CIOs, in advance and incorporating it into and CISOs prepare and respond to data your action plan will help you and your breaches around the globe. How a com- vendors create the needed documenta- pany responds can potentially make or tion throughout the process. break the company and its leadership Having master service agreements 2016 Average Incident Source: BakerHostetler (case in point: the near immediate in place with third-party responders Response Timeline resignation of Equifax’s CEO). before or immediately after an incident A good response can increase brand occurs can ensure you have the right prestige. It can delay or remove the people—with the necessary skills— risk of lawsuits. It can even lead to an available when you need them. Your increase in the company’s stock price. insurance may even cover their help. 69 7 These recommendations can help you Be aware that insurance typi- DAYS FROM DAYS FROM right the ship if your company is the cally covers only the investigation, OCCURRENCE TO DISCOVERY TO target of a data breach—and help you emergency containment activities, DISCOVERY CONTAINMENT keep your job. and notification of affected parties. Recovery is not typically included. It’s assumed that doing those activities Make Sure You Are Covered in the first place would have prevented Data Breaches Can Happen to Anyone the incident from occurring. Don’t forget about hard-copy DISCOVERY OCCURRENCE In today’s environment, it is almost records. As reported in Baker- CONTAINMENT a question of “when,” not “if,” a data Hostetler’s Data Security Incident breach will occur. Make sure you have Response Report (BakerHostetler, 10 THE JABIAN JOURNAL Number of Data Breaches and Exposed Records (in millions) in the United States Sources: Identity Theft Resource Center; CyberScout 1093 1000 783 781 750 656 662 614 498 419 447 500 446 321 223 250 169 157 128 92 86 67 37 19 36 16 23 17 0 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 DATA BREACHES EXPOSED RECORDS (IN MILLIONS) 2016), incidents involving paper office to orchestrate coordination is should you communicate? And who records accounted for 13 percent of vital to surviving the data breach. In within your company is responsible for all incidents in 2015. More common addition to the company’s key execu- communicating? Are there any legal among health care incidents because of tives, the response teams will typically requirements for when you must com- HIPAA requirements, BakerHostetler include incident response, legal, municate? If you are a public company, recommends that you ensure paper external legal counsel, IT operations, how could communications and timing records, in addition to electronic third-party forensic investigators affect your public filings or your reports records, are included in your infor- and responders, corporate com- to analysts and investors? mation governance and incident munications, and the data/business Informing your employees may response preparation. intelligence team. Human resources sound like a good idea. A large percent- may also be involved if employees are age of data breaches, however, are at fault or are the victims. caused by employees. If the data Create a Plan breach is malicious, you don’t want Preparation Is the Key to Managing COMMUN1CAT1ONS to tip off the “bad guys” until you Data Breaches MANAGEMENT have time to gather evidence. Once Having a dedicated resource focused you’ve collected your evidence, Once you become aware of a data on ensuring communications are sent communicate a comprehensive breach, you have limited time and to the press, internal teams, and exter- response to employees about what resources to react. Jabian’s Data Breach nally affected parties is necessary. happened and, more important, how Framework breaks down the pieces to Unless you have drafted templates that the company will prevent this from include in your response strategy. The are preapproved with legal (internal happening again. framework provides the flexibility to and external), you will need someone Like all the steps in a data breach develop the plans you need in hand on working full time in concert with response, ensure you’re tracking Day 1 to address different data breach legal to draft and wordsmith your internal communications—who scenarios. You don’t want to create communications to ensure the optimal receives them, when, and what is your incident response plan while you message is delivered at the right time. communicated—to ensure com- are responding to the incident. Your communications strategy plete coverage. should include internal and external PROJECT MANAGEMENT stakeholders. There are many questions STAKEHOLDER MANAGEMENT A data breach requires many teams to you need to think through, addressing: With regard to project and com- come together swiftly and harmoni- What will you communicate? To whom munications management, you must ously. Having a project management will you communicate? How much ensure that your critical stakeholders SPRING 2018 11 Data Breach Strategy P R O JE C T M A N A GE ME N T are on the same page throughout the investigation, notification, contain- ment, and recovery phases of a data C OMMUNIC AT ION M A N A GE ME N T breach. Have someone on point to ensure communications flow from the project management office and inci- S TA K E HOL DE R M A N A GE ME N T dent response teams to the appropriate stakeholders—internal and external. You will more than likely have IN V EST IG AT ION NO T IF IC AT ION C ON TA INME N T R E C OV E R Y several vendors and internal groups A ND L E S S ON S working together across various work E R A DIC AT ION L E A R NE D streams. They will need executive approval, as well as coordination with the correct internal counterparts (IT, ME T R IC S A ND R EPOR T ING legal, communications, etc.) to assist throughout the process. Coordinating with these stakeholders and groups common pain point can be time-consuming. It requires management, as speed of alignment, approvals, and delivery are important for the team to be effective. not managed by a single corporate or communicating all the information 1NVESTIGAT1ON IT unit. This fragmentation can lead to to the public in a single notification, The technical nature of the inves- additional complications, as individual which can quickly fade from the public tigation will vary depending on the users and managers will have varying eye, is a huge win. The alternative systems, networks, and data types systems, programs, protection, and may be fragmented investigations involved. From a general process potential malware. Depending (managed by individual parties) and perspective, however, you must on your intercompany agreements, multiple notifications that can drag determine which systems are in or out you may need to get permission on for months, if not years. Equally of scope for the investigation; track from the subsidiary or franchisee important is being able to centrally what you have investigated and what is before conducting your investigation. craft and manage the messages to still in process; and understand when Ensuring up front that you have a customers and the public, ensuring the investigation is complete. If you well-thought-out cybersecurity they meet legal requirements and don’t have the skills in-house, engage clause in your intercompany agree- protect the company’s brand as much a private forensic investigation firm to ments can provide a uniform and more as possible. investigate on your behalf. timely investigation. If the credit card networks identi- Keep in mind that individual CONTA1NMENT fied your company or some of your system owners with proprietary As you identify issues throughout locations as being common points of knowledge and management of their the investigation, you should work to purchase for credit cards linked to computers, such as subsidiaries or immediately contain them without fraud, they may require you to use a franchisees, may be protective of their disrupting the investigation or forensic investigator certified by the devices and be hesitant to engage damaging any evidence. The goal of credit card industry. The card networks outside help to investigate. They will containment is to stop the incident will want to ensure it truly was a be looking after themselves before the or the malware from spreading. At malicious outside attack, rather than overall company, so you may have to this step, the goal is not to remove or an inside job, which could put your offer incentives to get them to opt in to eradicate it. company on the hook for reparations. the investigation. Depending on the type of issue Another difficulty may involve Incentives might include paying for you identify, it may be possible to decentralized systems or systems the cost of the investigation or the cost lock down your network or use an that cross corporate boundaries (e.g., of mailing notifications to customers.
Load more

Recommended publications
  • UNITED STATES DISTRICT COURT NORTHERN DISTRICT of GEORGIA ATLANTA DIVISION in Re
    Case 1:17-md-02800-TWT Document 739 Filed 07/22/19 Page 1 of 7 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF GEORGIA ATLANTA DIVISION MDL Docket No. 2800 In re: Equifax Inc. Customer No. 1:17-md-2800-TWT Data Security Breach Litigation CONSUMER ACTIONS Chief Judge Thomas W. Thrash, Jr. PLAINTIFFS’ MOTION TO DIRECT NOTICE OF PROPOSED SETTLEMENT TO THE CLASS Plaintiffs move for entry of an order directing notice of the proposed class action settlement the parties to this action have reached and scheduling a hearing to approve final approval of the settlement. Plaintiffs are simultaneously filing a supporting memorandum of law and its accompanying exhibits, which include the Settlement Agreement. For the reasons set forth in that memorandum, Plaintiffs respectfully request grant the Court enter the proposed order that is attached as an exhibit to this motion. The proposed order has been approved by both Plaintiffs and Defendants. For ease of reference, the capitalized terms in this motion and the accompanying memorandum have the meaning set forth in the Settlement Agreement. Case 1:17-md-02800-TWT Document 739 Filed 07/22/19 Page 2 of 7 Respectfully submitted this 22nd day of July, 2019. /s/ Kenneth S. Canfield Kenneth S. Canfield Ga Bar No. 107744 DOFFERMYRE SHIELDS CANFIELD & KNOWLES, LLC 1355 Peachtree Street, N.E. Suite 1725 Atlanta, Georgia 30309 Tel. 404.881.8900 [email protected] /s/ Amy E. Keller Amy E. Keller DICELLO LEVITT GUTZLER LLC Ten North Dearborn Street Eleventh Floor Chicago, Illinois 60602 Tel. 312.214.7900 [email protected] /s/ Norman E.
    [Show full text]
  • GEORGIA – COSTA RICA Economic Development Connection
    GEORGIA – COSTA RICA Economic Development Connection Government & Commerce The University System of Georgia offers at least 35 study abroad programs to Costa Rica Atlanta is home to the Consulate General of the including programs in art, culture, education, Republic of Costa Rica. Ms. Joanne Leigh Noriega medicine, ecology, biology and creative writing. serves as Consul General. The Consulate serves According to the 2012 U.S. Census Bureau, there the states of Alabama, Georgia, Kentucky, North are more than 3,100 residents in Georgia with Carolina, South Carolina and Tennessee. Costa Rican heritage. The Georgia Institute of Technology created the Costa Rica Trade, Innovation and Productivity Trade Relationship (TIP) Center through a partnership among Georgia Tech, the Foreign Trade Corporation of EXPORTS: In 2013, Georgia exports to Costa Rica Costa Rica and the Chamber of Industries in Costa totaled $150 million a .93% increase from 2012. th Rica. The center focuses on utilizing research, Costa Rica is currently the 50 largest export innovation and education to increase trade across market for Georgia. borders and make existing trade more productive Top exports from Georgia to Costa Rica include to benefit the Costa Rican economy and scientific kraft paper, automatic data processing machines, community. The focus is currently on digital refrigerators and freezers, electric water heaters, services and food products. civilian aircraft, engines and parts and wood The University of Georgia has a 160 acre satellite pulp. campus in San Luis de Monteverde, Costa Rica, Georgia leads the nation in the export of the where it offers classes in a variety of fields ranging following goods to Costa Rica: paper and from ecology to business.
    [Show full text]
  • Sample Debt Validation Letter (Send Via Certified Mail, Return Receipt Requested)
    Sample Debt Validation Letter (Send via certified mail, return receipt requested) Date: Your Name Your Address Your City, State, Zip Collection Agency Name Collection Agency Address Collection Agency City, State, Zip RE: Account # (Fill in Account Number) To Whom It May Concern: Be advised this is not a refusal to pay, but a notice that your claim is disputed and validation is requested. Under the Fair Debt collection Practices Act (FDCPA), I have the right to request validation of the debt you say I owe you. I am requesting proof that I am indeed the party you are asking to pay this debt, and there is some contractual obligation that is binding on me to pay this debt. This is NOT a request for “verification” or proof of my mailing address, but a request for VALIDATION made pursuant to 15 USC 1692g Sec. 809 (b) of the FDCPA. I respectfully request that your offices provide me with competent evidence that I have any legal obligation to pay you. At this time I will also inform you that if your offices have or continue to report invalidated information to any of the three major credit bureaus (Equifax, Experian, Trans Union), this action might constitute fraud under both federal and state laws. Due to this fact, if any negative mark is found or continues to report on any of my credit reports by your company or the company you represent, I will not hesitate in bringing legal action against you and your client for the following: Violation of the Fair Debt Collection Practices Act and Defamation of Character.
    [Show full text]
  • Onboard Analysis Workbook 2019.Xlsx
    sort ranking Revenues legal name 1 The Home Depot, Inc. F500 & Top 50 108203 2 United Parcel Service, Inc. F500 & Top 50 71861 3 Delta Air Lines, Inc. F500 & Top 50 44438 4 The Coca-Cola Company F500 & Top 50 31856 5 The Southern Company F500 & Top 50 23495 6 Aflac Incorporated F500 & Top 50 21758 7 Genuine Parts Company F500 & Top 50 18735 8 WestRock Company F500 & Top 50 16285.1 9 SunTrust Banks, Inc. F500 & Top 50 10431 10 Pultegroup, Inc. F500 & Top 50 10188.331 11 Mohawk Industries, Inc. F500 & Top 50 9983.6 12 AGCO Corporation 1 F500 & Top 50 9352 3 Veritiv Corporation F500 & Top 50 8696.2 14 Asbury Automotive Group, Inc. F500 & Top 50 6874.4 15 NCR Corporation F500 & Top 50 6405 16 Intercontinental Exchange, Inc. F500 & Top 50 6276 17 HD Supply Holdings, Inc. F500 & Top 50 6047 18 Graphic Packaging Holding Com F500 & Top 50 6023 19 Invesco Ltd. Top 50 5314.1 20 Total System Services, Inc. Top 50 4028 21 Flowers Foods, Inc. Top 50 3951.852 22 Aaron's, Inc. Top 50 3828.9 23 Acuity Brands, Inc. Top 50 3680.1 24 Carter's, Inc. Top 50 3462.3 25 Equifax Inc. Top 50 3412.1 26 Global Payments Inc. Top 50 3366.366 27 GMS Inc. Top 50 3116 28 BlueLinx Holdings Inc. Top 50 2862.85 29 FleetCor Technologies, Inc. Top 50 2433.492 30 SiteOne Landscape Supply, Inc. Top 50 2112.3 31 Beazer Homes USA, Inc. Top 50 2107 32 Primerica, Inc.
    [Show full text]
  • Equifax: Anatomy of a Security Breach Ashton Glenn Georgia Southern University
    Georgia Southern University Digital Commons@Georgia Southern University Honors Program Theses 2018 Equifax: Anatomy of a Security Breach Ashton Glenn Georgia Southern University Follow this and additional works at: https://digitalcommons.georgiasouthern.edu/honors-theses Part of the Accounting Commons Recommended Citation Glenn, Ashton, "Equifax: Anatomy of a Security Breach" (2018). University Honors Program Theses. 378. https://digitalcommons.georgiasouthern.edu/honors-theses/378 This thesis (open access) is brought to you for free and open access by Digital Commons@Georgia Southern. It has been accepted for inclusion in University Honors Program Theses by an authorized administrator of Digital Commons@Georgia Southern. For more information, please contact [email protected]. Equifax: Anatomy of a Security Breach An Honors Thesis submitted in partial fulfillment of the requirements for Honors in the College of Business Administration, School of Accountancy. By Ashton Glenn Under the mentorship of Dr. Thomas Buckhoff ABSTRACT The infamous 2017 Equifax breach not only compromised millions of citizens’ data, but the breach also left Equifax vulnerable to lawsuits that claim the company acted negligently. This thesis analyzes the events and facts behind the incident to determine the probable outcome of the main case against Equifax. A claim of a breach can come from either Equifax’s data protection or breach response. This thesis concludes the results of the case depends on the final court to determine if Equifax acted negligently with its data protection. If the case ends in the Eleventh District Court of Appeals, the court will probably decide Equifax was negligent. If the case ends in the Supreme Court, the Court will probably decide Equifax was not negligent.
    [Show full text]
  • 2016 Donors & Supporters
    2016 DONORS Miracle Maker ($500,000+) Dream Maker ($10,000+) The Arthur M. Blank Family Foundation Allison-Smith Company, LLC Office of Juvenile Justice and Anonymous Deliquency Prevention The Atlanta Foundation The Marcus Foundation, Inc. Atlantic Trust Private Wealth United Way of Greater Atlanta, Inc. Management Berry Plastics Corporation Marvel Maker ($50,000+) Builders 2020 The AEC Trust Chick-fil-A Foundation Altria Deloitte Big Brothers Big Sisters of America Diversey Care CHEP Douglas J. Hertz Family Foundation, Teresa and Alexander Cummings Inc. Georgia Power Company Fannie Mae IBERIABANK Frances Wood Wilson Foundation, Inc. The Rich Foundation, Inc. Gary W. Rollins Foundation Georgia State University Friendship Maker ($25,000+) The Gillin Family Brand Mortgage Global Concessions, Inc. The CIGNA Foundation GOJO Industries Cobb County Board of Commissioners Heritage Bag Company The Coca-Cola Company The Home Depot Foundation Cox Enterprises, Inc. International Paper Equifax, Inc. Kimberly-Clark Corporation EY Leapley Construction GE Energy Services/ GE Energy Kelly L. Loeffler & Jeff Sprecher Georgia-Pacific Corporation Los Angeles Dodgers KPMG, LLP Masters Capital Management, LLC Publix Super Markets Charities, Inc. McKinsey & Company Salesforce Newell Rubbermaid Sealed Air Company Nordstrom Scott Hudgens Family Foundation, Inc. John Pensec The Sara Giles Moore Foundation PRGX USA Inc. The UPS Foundation Pricewaterhouse Coopers, LLP WestRock Pulte Group, Inc. The Sartain Lanier Family Foundation 1 2016 DONORS SCA Wells Fargo Southwire Company Lauren White UPM Scott Yancey Veritiv Corporation Verso Corporation Match Maker ($1,000+) The Weather Channel A2b Fulfillment Wells Fargo Foundation John Adams Alpha Phi Alpha Magic Maker ($5,000+) America's Charities Arby's Foundation, Inc.
    [Show full text]
  • Equifax 2017 Cybersecurity Breach Information
    Equifax says a giant cybersecurity breach compromised the personal information of as many as 143 million Americans — almost half the country. Cyber criminals have accessed sensitive information -- including names, social security numbers, birth dates, addresses, and the numbers of some driver's licenses. Additionally, Equifax said that credit card numbers for about 209,000 U.S. customers were exposed, as was "personal identifying information" on roughly 182,000 U.S. customers involved in credit report disputes. Residents in the U.K. and Canada were also impacted. The breach occurred between mid-May and July, Equifax said. The company said it discovered the hack on July 29. The data breach is one of the worst ever, by its reach and by the kind of information exposed to the public. Related: The biggest data breaches ever "This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do," said Equifax chairman and CEO Richard F. Smith. Equifax is one of three nationwide credit-reporting companies that track and rates the financial history of U.S. consumers. The companies are supplied with data about loans, loan payments and credit cards, as well as information on everything from child support payments, credit limits, missed rent and utilities payments, addresses and employer history, which all factor into credit score. Related: How to find out if you're affected by the Equifax hack Unlike other data breaches, not all of the people affected by the Equifax breach may be aware that they're customers of the company.
    [Show full text]
  • Southern Company 2007 Annual Report
    SOUTHERN COMPANY 2007 ANNUAL REPORT ANNUAL FacingSOUTHERN COMPANY ... 2007 ANNUAL REPORT SOUTHERNCOMPANY.COM GLOSSARY Alternative Fuels – any non-conventional substance that can be Megawatt – one thousand kilowatts. A measurement of electricity used as fuel, such as ethanol and methane. usually used when discussing large amounts of generating capacity. Book Value – a company’s common stock equity as it appears on Nuclear Regulatory Commission (NRC) – an independent federal a balance sheet, equal to total assets minus liabilities, preferred agency that formulates policies and develops regulations govern- and preference stock, and intangible assets such as goodwill. ing nuclear reactor and nuclear material safety, issues orders to Book value per share refers to the book value of a company licensees, and adjudicates legal matters. divided by the number of shares outstanding. Payout Ratio – the percentage of earnings that is paid to share- Co-Firing – a process of converting biomass to electricity by holders in the form of dividends. adding biomass as a supplemental fuel to coal, thus reducing Public Service Commission (PSC) – the authority that regulates the amount of coal used to generate electricity. utilities at the state level. Combined Construction and Operating License (COL) – Renewable Portfolio Standards – legislative or regulatory poli- a license granted by the Nuclear Regulatory Commission that cies that require the increased production of renewable energy gives the licensee approval to both construct and operate a sources such as wind, solar, biomass, and geothermal energies. nuclear unit. Retail Markets – markets in which energy is sold and delivered Competitive Generation Business – market-based wholesale directly to the ultimate end-users of that energy.
    [Show full text]
  • United States District Court Northern District of Georgia Atlanta Division
    Case 1:17-md-02800-TWT Document 189 Filed 02/02/18 Page 1 of 36 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF GEORGIA ATLANTA DIVISION In re: Equifax, Inc. Customer MDL Docket No. 2800 Data Security Breach Litigation No. 1:17-md-2800-TWT This document relates to: Chief Judge Thomas W. Thrash, Jr. FINANCIAL INSTITUTION ACTIONS APPLICATION OF THE “CUNA/ICBA GROUP” TO SERVE AS CO-LEAD COUNSEL, CO-LIAISON COUNSEL, AND PLAINTIFFS’ STEERING COMMITTEE FOR THE FINANCIAL INSTITUTION PLAINTIFFS Case 1:17-md-02800-TWT Document 189 Filed 02/02/18 Page 2 of 36 TABLE OF CONTENTS I. INTRODUCTION ...........................................................................................1 II. BACKGROUND .............................................................................................4 III. ARGUMENT ...................................................................................................6 A. The CUNA/ICBA Group Has Committed, and Will Continue to Commit, Substantial Time and Resources to this Action ................. 6 B. The CUNA/ICBA Group Has Worked, and Will Continue to Work, Cooperatively to Achieve Success in this Action ...................... 7 C. The CUNA/ICBA Group Has Substantial Experience Successfully Litigating Complex Actions, Including Data Breach Class Actions ....................................................................9 1. The Proposed Co-Lead Counsel ...............................................10 2. The Proposed Co-Liaison Counsel ...........................................13 3. The Proposed Steering
    [Show full text]
  • Aarons Furniture Rental Agreement
    Aarons Furniture Rental Agreement Manuel lips substantively while modified Anton marshals smatteringly or decelerating blameably. Gular and unwitty Jeth bed while bawdy Amory worships her parietals mordantly and sneck crabbedly. Is Gardiner make-or-break or grateful after moldering Rudyard environ so inaccessibly? Pomroy equipment rental agreement appears likely courts could have given proof. Ge Stove mariassdellaletterait. Lease Term Lessee agrees to suck from IFR Furniture Rentals Sales Lessor in accordance with correct terms and conditions of capital Lease Agreement would of. We summarize what. Is Credit Karma Accurate where Does easy Work Credit Karma. Hank Aaron Dead Baseball Legend Who Broke Babe Ruth's. Rent-to-own usually known as rental purchase or symbol-to-buy is a corps of legally documented transaction under which tangible property harm as furniture consumer electronics motor vehicles home appliances. Personal Injury and Consumer Rights We say you as a person out just a client and that makes us better look work late do. How long does it cute for Aarons to repo? The clipboard on my situation is pretty good claim so please provide you can choose from now american freight offers that again later. Aaron's can be a collapse or witness just like the other individual or primary entity name all in can do people ask a magistrate to issue a warrant for instance husband's may or more this just a summons for altitude to appear this court. Free Shipping on everything at Overstock Your Online Dining Room Bar retail Store. Plaintiffs failed in agreement for selling you rent a penny until our agreements monday, can rent a valid on application statuses during the public policy? Aaron's Treat people To 1 Gets You Started Milled.
    [Show full text]
  • Market Update M&Amarlin & Associates Investment Banking and Strategic Advisory to the Technology and Information Industries
    June 2018 MARKET UPDATE M&AMARLIN & ASSOCIATES INVESTMENT BANKING AND STRATEGIC ADVISORY TO THE TECHNOLOGY AND INFORMATION INDUSTRIES New York Washington, D.C. Toronto www.MarlinLLC.com © Marlin & Associates Holdings LLC, All Right Reserved DEAR CLIENTS AND FRIENDS, Infotech – It’s All About Speed – and Maybe Wireless. Our June M&A Report on the Information Technology Universe Dear Clients and Friends, Our report found below contains an update on m&a deals, values, and trends in the dozen+ segments of the information technology industry that we follow, and sometimes lead. Please see below for our latest Market Update. As we have previously noted, one of the biggest challenges – and one of the largest opportunities – in our industry today revolves around the ability to capture and analyze the massive amounts of structured and unstructured data. A big part of the challenge is that the volume keeps growing. Connected homes, offices, cities and cars, health and financial systems, video, augmented reality, automated factories, artificial intelligence and cloud based services all contribute. According to Cisco, cumulative global data is expected to grow 24% per year for a long time. (Read more here.) We have often discussed the role of Big Data Analytics to help us process and understand much of this data. But the ability of any software to process the data is limited by the speed at which that data is received and that’s where 5G wireless technology comes in. Our industry is used to a wired world. For most participants, wireless is for mobile apps – mostly consumer oriented. But with the speed of 5G wireless approaching 1 gigabyte per second, our assumptions regarding wireless applications (including B2B) need to be reexamined.
    [Show full text]
  • Equifax: Why This Data Breach Is Different from All the Others by Shari Claire Lewis, Esq., and Amanda R
    THOMSON REUTERS Equifax: Why this data breach is different from all the others By Shari Claire Lewis, Esq., and Amanda R. Gurman, Esq., Rivkin Radler LLP NOVEMBER 2017 As the world is now well aware, on Sept. 7, Equifax announced that One aspect of Equifax’s performance that has been called into it had experienced a “cybersecurity incident” that compromised question is whether and to what extent the breach was preventable. the personal and financial information (including name, address, The vulnerability that hackers exploited to access Equifax’s birth date, driver’s license number and Social Security number) of information was in the Apache Struts web-application software. over 143 million U.S. consumers. After Equifax announced the cybersecurity incident and identified Equifax has reported that the breach first occurred in mid-May this software as the source of the breach, the Apache Software 2017 and continued through July. While the breach was discovered Foundation released a statement indicating that Equifax received July 29, Equifax did not announce it to the public until six weeks notice of the vulnerability that caused the breach, as well as later.1 instructions to fix the vulnerability, in March 2017.2 In just a month, this breach proved to be unique not just in scope but also with respect to its potential impact on how business is While the breach was discovered July 29, Equifax did conducted. not announce it to the public until six weeks later. The breach shined a bright light on the data practices of the largely unregulated credit monitoring industry as well as general risks inherent in the pervasive collection of personal information.
    [Show full text]