Posts Tagged: "data security"

Trust is getting a lot of attention these days. Of course, it’s always been important in the United States. We declare trust in God on our currency, Scouts have to be trustworthy, and we even seem to trust the algorithm behind cryptocurrencies. On the other hand, we worry about what feels like a decline, if not complete rupture, in social trust. For businesses that depend on controlling the confidentiality of data shared with employees and outsiders, these are perilous times. Our most important assets are stored and transmitted through digital systems that are imperfect; and that’s without accounting for the frailties of the people with access to those assets. Information security has come a long way since I started my career in the 1970s. There were no networks to worry about then, no powerful computers in the pockets of employees. Data was transmitted on paper. You just needed to watch the front door and photocopier. Employees with their badges as markers of trust could go pretty much anywhere they wanted within the facility.

The IP Tech Summit, researched and produced by Premier Cercle, took place virtually this year, on December 3-4, and focused on new intellectual property strategies for open innovation and digital transformation. As part of the summit, IPWatchdog Founder and CEO Gene Quinn conducted a Fireside Chat with Cloudflare Co-Founder and COO, Michelle Zatlyn, who said that we are presently in a critical phase of the internet’s development and have an opportunity to redefine it to make it work. But—if we act too quickly—we could potentially go backwards.

On the heels of a global pandemic where safety requires that we socially distance and work from anywhere, demand is exploding for innovation to adapt to this new way of living. Our new environment will require more and more computing power to migrate to the edge of the network. Computing power housed in data centers and cloud environments is moving closer to end-users and devices in edge computing centers. Eventually, fueled by ubiquitous 5G+ connectivity bandwidths, one can foresee the migration of computing power to the very edge of your interconnected devices. Technology is racing forward to meet the challenges and exploit new opportunities. Ethical questions will need to be answered to regulate through the evolving network technology architecture. Corporate legal functions will need to adapt and partner with product managers to ensure compliance.

The bill would create a new title within California Civil Code named Security of Connected Devices. The first part of this title would require a manufacturer of a connected device, defined as any object capable of connecting to the Internet and assigned either an Internet protocol address or a Bluetooth address, to equip the device with reasonable security features appropriate to the nature and function of the device, appropriate to the information it may collect or transmit and designed to protect both the device and the information it contains from unauthorized access.

Technology and intellectual property (IP) have become vital components to virtually every business in all industries as they often drive the value and efficiencies of a business and enable companies to monetize their products and services. In order to capitalize on this trend, private equity (PE) investors are making significant investments in companies focused on developing and commercializing IP. In 2017, a record number of PE deals were IP and technology focused, ranging from consumer-facing companies with valuations driven by trademark portfolios and brand awareness, to cloud platform and biotech companies with significant patent portfolios and research and development efforts. According to analysts of PE deal-trends, this wave of IP-centric PE transactions has continued and will continue to grow during 2018.

Dystopian novels and science fiction often return to the subject of the loss of personal privacy which is often encouraged by the use of technology enabling constant, omnipresent surveillance. Perhaps the most famous example of this in the science fiction canon of the 20th century is George Orwell’s Nineteen Eighty-Four. First published in 1949, Orwell’s novel conceives of a world where government surveillance is so complete that the vast majority of citizens don’t mind being watched by two-way telescreens in their own apartments. Even the novel’s rebellious protagonist Winston Smith comes around at the end to fall prey to the same cult of personality that allows the government overseer — Big Brother — to remain in power… With concerns over the use of personal data fresh in the mainstream news, we’ll run a series of articles that will take a closer look at U.S. tech giants both in terms of the types of data they track and the purposes for which that data is used.

As businesses rapidly outsource their IT functions to the cloud, customers seeking cloud computing or cloud services must understand the risks, especially when sensitive, regulated or confidential data is stored in the cloud. Sensitive data carries business risk and may be subject to a host of legal and regulatory requirements. Cloud service agreements usually are based on the cloud services provider’s standard form agreement… The customer must read the indemnification terms closely, not just for the explicit language in the agreement, but for what the customer is really getting from the cloud services supplier and whether the indemnification terms will be of any help to the customer’s business if sued by a third party.

To get the case off the ground, the court will decide whether Equifax can be sued in the first place – it’s tricky, because different federal circuits disagree about when this can happen. So, courts in Delaware, Illinois and Washington DC (for example) would allow the plaintiffs to proceed merely because their data is at risk after a hack. This is pretty easy to show. On the other hand though, New York, Conneticut and North Carolina would need to see not just a leak, but that the leaked data has actually been misused afterwards. Equifax HQ is in Atlanta, the 11th circuit. Although those courts have a history of recognising that difficulty (and so supporting data victim lawsuits), it hasn’t yet come down firmly on the question of risk vs misuse.

Cyber crimes and data breaches have become far too widespread in the recent times. Technological progress has taken the risk to new levels, with newer techniques to exploit vulnerable organizations, corporations and governments being discovered every day… A considerable number of organizational respondents to the survey, approximately 32%, reported being affected by cyber crime. Nearly 34% felt that they would be affected within the next 2 years. While 61% of the top executives feared cyber attacks, only 37% of organizations claimed to have a cyber incident response plan in place. Obviously, this represents a significant disconnect between the level of fear and the level of preparedness in the industry.

High value information—identified as trade secrets, IP mappings, product designs, financial data, confidential business information and similar files and documents—require an extra level of protection because of their value to cybercriminals and malicious insiders. The last thing an organization wants to do is make the theft of high value information easier by leaving vulnerability gaps in security practices. A malicious actor will exploit those each and every time.

Biometrics, or the measure of human physiological characteristics as expressed by data metrics, is becoming a much more valuable sector of high tech in recent months. By 2020, the global market for biometric systems should surpass $24.4 billion according to data released by Markets and Markets, with the sector growing at a compound annual growth rate (CAGR) of 17.5 percent between 2015 and 2020. Biometrics has applications in a couple of growing tech sectors, including e-commerce, e-passports and smartphones. Computer software and hardware developer Microsoft Corporation (NASDAQ:MSFT) of Redmond, WA, is looking to apply biometrics tech to its smartphone products.

The privacy implications of the driverless car are significant. The data that such a vehicle could collect and the potential uses of that data could be extraordinarily intrusive. Driverless cars could provide both historic and real-time, continuous geolocation data. Companies could utilize this data to determine not only your current location and destination but also every place that you have been. This data could lead to commercially valuable, but extremely sensitive and intimate information about individuals being discovered. Advertisers may be able to discern the purchasing patterns of individuals by tracking what stores they frequent. Insurers may be able to determine what the lifestyle of individuals is like by following their daily activities (e.g., constant trips to the gym) and dining habits (e.g., persistent trips to fast food restaurants).

It has become more apparent in recent years that cybercriminals looking to profit from sensitive data are zoning in on law firms and their wealth of client information. Get ahead and prepare for clients asking questions about your security posture by closely examining your firm’s environment. Taking this preemptive action will help you detect gaps where confidential client data could be at risk, regardless of where and on what devices the information is stored. This assessment is easy to accomplish through the many proven services currently available in the market. Understanding where exactly your firm’s sensitive client data is being stored and how it’s being used is a critical first step to safeguarding that information.

Days before this Federal Circuit decision, the Patent Trial and Appeal Board (PTAB) issued its decision for Informatica Corp. v. Protegrity Corp. The patent at issue in this case – U.S. Patent No. 8,402,281 – is directed to a database management system that includes an operative database and an information assets manager database. It is conceivable that the Board erred by pushing past the initial Mayo/Alice question and finding that these claims, which cover a data storage innovation of the kind found in Enfish, may have been erroneous. In other other words, when the Board determined that the combination of the methods did not add significantly more than the already determined abstract idea, that question might have never been properly reached in the first place.