Category Archives: Legal

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

New Preliminary Cybersecurity Framework Champions Risk Management

Posted on by

Cybersecurity

In February, President Obama issued an executive order instructing the Commerce Department to lead a task force of security experts and industry insiders to develop a voluntary framework to reduce cyberrisk. Last week, the National Institute of Standards and Technology officially released an initial draft of the cybersecurity framework and announced a 45-day open comment period for public input.

The full Preliminary Cybersecurity Framework can be viewed here on the NIST website. After the review period and subsequent revisions, a more complete version will be released in February.

Risk management is a primary focus of the new framework, from the language used to analyze potential exposure to express endorsements in the policy itself. According to a press release, “The Preliminary Framework outlines a set of steps that can be customized to various sectors and adapted by both large and small organizations while providing a consistent approach to cybersecurity. It offers a common language and mechanism for organizations to determine and describe their current cybersecurity posture, as well as their target state for cybersecurity. The framework will help them to identify and prioritize opportunities for improvement within the context of risk management and to assess progress toward their goals.”

Under Secretary of Commerce for Standards and Technology and NIST Director Patrick Gallagher, who was tasked with overseeing development of the framework, emphasized the risk management as a critical component of strengthening national infrastructure in line with the president’s executive order. “We want to turn today’s best practices into common practices, and better equip organizations to understand that good cybersecurity risk management is good business,” Gallagher said.

buy xifaxan online orthomich.com/img/blog/jpg/xifaxan.html no prescription pharmacy

“The framework will be a living document that allows for continuous improvement as technologies and threats evolve. Industry now has the opportunity to create a more secure world by taking ownership of the framework and including cyber risks in overall risk management strategies.

buy trazodone online orthomich.com/img/blog/jpg/trazodone.html no prescription pharmacy

The framework outlines key functions that should organize cybersecurity activities: Identify, Protect, Detect, Respond and Recover. These functions are designed to aid the risk manager in evaluating, communicating and fortifying against cyberrisks. The document even suggests itself as a potential opportunity for risk managers to seize the opportunity to get involved in proactive cyberrisk strategy. It reads, “The functions also align with existing methodologies for incident management, and can be used to help show the impact of investments in cybersecurity.”

Authors also added the following visual to highlight the critical role of risk management at every level of suggested implementation:

Risk Management in Cybersecurity Framework

In a blog post, the White House encouraged businesses to evaluate the initial framework and their current cyberrisk position, and to consider their cyber risk appetite in the form of a projected target state for cybersecurity.

Online Exclusive: How to Protect Yourself on Social Media

Posted on by

Add Friend on Social Media

In the October issue of Risk Management, social media and eDiscovery expert Adam Cohen chatted with me about the biggest corporate risks in sites like Facebook and Twitter, and outlined some best practices for developing and enforcing a social media policy. But behind every account sits one major risk that’s hard to control: a person.

Not all of Cohen’s advice could make the magazine, so here are some of his extra tips for how to mitigate the risks of personal social media – both to protect your company and to protect yourself.

What should employees know about their personal social media accounts?

All employees need to recognize one thing: they shouldn’t have any expectation of privacy in information that they post on social media. Even if they think they’re limiting information to a select group of friends, this stuff can all be disclosed in litigation and there are many cases where courts have required so-called non-public social media information to be disclosed. It’s fairly routine at this point.

Many employers – certainly all the major companies – have specific social media policies that give very particular and clear direction to employees on what they can and can’t do when it comes to company information on social media. That extends beyond just corporate social media and includes anything they’re doing on social media that could impact the company. And many employers are going to take the position that they have the right to monitor employees’ social media.

How can employees protect themselves?

buy lipitor online orthomich.com/img/blog/jpg/lipitor.html no prescription pharmacy

One of the key things employees need to do to protect themselves is only disclose information they would be comfortable disclosing to the entire world and they should not to go anywhere near business information. Being safe on this front may include publishing a disclaimer that an individual is not representing the views of the company. What else can they do? Follow the employer’s social media policy to the letter and, any time they have a question about whether one of their social media posts may be affected by the policy, they should ask. Most policies will provide a resource for questions, whether it’s a general counsel or a compliance officer or immediate supervisor.

Those are probably the main things: not having an expectation of privacy on social media and treating everything you post like it’s private, and following the policy to the letter and getting clarity and permission on anything that you think could be a violation of the policy.

As we’ve used social media more, do you think employees are using social media any more wisely?

I think it’s still too early to say that there are any improvements there. Litigation that involves social media as a factor in one form or another is just exploding. There is no information that would suggest in any way that employees have increasing awareness of this and are taking that into account when they go on social media.

What is the first thing you look for when trying to evaluate a social media account for potential liability or wrongdoing by an employee?

The first thing I would look for is the nexus between the social media and business information. Personal social media may be a concern from the perspective of the employee being seen as representing the company, even if it’s just sullying the reputation of the company – and that’s especially true the higher-ranking the employee is – but the first thing to look for is whether the employee discussing matters within the scope of their employment. And that’s difficult to monitor – the social media world is a big world, especially for a company with a lot of employees.

So then general personal misuse is relatively benign to you?

The other stuff is not benign at all. An employee who behaves in an inappropriate way on social media or is violating intellectual property rights, copyright or trademark of some other company – or, say, badmouthing a competitor – well, that’s not benign. If they’re engaged in criminal activity on social media or they’re defaming someone, that’s certainly not benign because they work for a company and that can impact the image of the company or lead to serious repercussions. That only gets more serious if you’re a prominent or higher-ranking executive.

buy arimidex online orthomich.com/img/blog/jpg/arimidex.html no prescription pharmacy

Is it benign? No, but you can’t control that.

Although, I should note, the National Labor Relations Board has said that employees have to be permitted to discuss their working conditions with other employees and that the employer can’t really control that, and if the social media policy purports to prohibit that discussion, the policy is not valid.

What is the most useful evidence in building a case against an employee?

Well, it depends on the kind of case, but social media has now been used as evidence in hundreds of cases. The most devastating use of it so far has probably been in the personal injury arena.

buy advair rotahaler online orthomich.com/img/blog/jpg/advair-rotahaler.html no prescription pharmacy

Plaintiffs have made claims of disability and emotional distress and the defendant has been able to obtain discovery or has retrieved public social media that completely contradicts those claims – for example, a video of the complainant surfing. There are a lot of cases like that and that’s just an example of really devastating use of social media.

Who do you friend at work?

Well, you don’t friend subordinates – that’s a no-no. You can get yourself into all kinds of trouble there with people making claims about what kind of a relationship you have with them. You don’t friend people at work whom you don’t know – just as you don’t in your personal life. You shouldn’t assume that, just because this person works with you, they’re the kind of person with whom you want to be associated. You also don’t want to friend somebody who you don’t want to have access to your social media. If you have privacy concerns, you want to maintain the upper limits of your reasonable expectation of privacy, so don’t friend people you’re afraid might use that access against you in an invasion of privacy.

Twitter’s Data Mining Profits Show Lesser-Known Social Media Risk

Posted on by

Data Mining

In an interview for this month’s issue of Risk Management magazine, lawyer and social media specialist Adam Cohen cautioned businesses that the risks of social networking sites extend beyond explosive posting faux pas.

“In most cases, corporations don’t realize that what they put on these social media services is all subject to the privacy policies and terms and conditions of the services,” said the eDiscovery expert and author of Social Media: Legal Risk and Corporate Policy. “Those provide a shocking amount of access by the social media services where they may take your data.”

As Twitter prepares for its much-anticipated IPO, the social media giant has released a torrent of information on its financial standing and practices. One of the most important tidbits for users concerns the site’s lesser-known side-business: data mining. In the first half of 2013, Twitter made $32 million by selling its data—namely, tweets—to other companies, a 53% increase from the year before.

So far this year, the company has raked in $47.5 million from selling user data to companies that analyze the social media posts for insights into news events and trends. Because of its real-time nature, Twitter is the primary contributor to data mining, though other social networks are frequently used in professional analysis.

This analysis is then sold to businesses for a slew of uses. “The types of ways that businesses are using Twitter data has gone deeper and deeper,” Chris Moody, the CEO of original Twitter data mining company Gnip, told Time. “We’re seeing it in supply chain and inventory management. It’s not just consumer brands that are engaging on Twitter.”The United Nations uses Twitter algorithms to pinpoint areas of social unrest. Burger chain Five Guys used “social intelligence technology” from New Brand Analytics to monitor quality in restaurants across the country and evaluate the appeal of a new fry size offering. Wall Street subscribers to one service, Dataminr, got a leg up on the S&P Index drop following the Navy Yard shooting. Five minutes before the news broke, users received an alert to take action after the company’s algorithms picked up on eyewitness reports and deduced from their timing, influence, and location that something urgent was taking place.

Clearly, there’s money to be made on both sides. According to the Wall Street Journal, the “social listening” business is booming, partially funded by millions of dollars in venture capital. Research firm IDC estimates that the entire “big data” market has grown seven times as quickly as the information technology sector as a whole, and may be valued at $16.9 billion in two years.

Data is mined for a variety of purposes – ones your company may even want to explore – but while there are benefits to the ends, the means translate into cyber exposures of which you may never know the details or depth. While the reputational risk of social media garners a lot of the attention – and rightfully so – there are increasingly tremendous exposures that lay in the forms just to sign up. With Twitter going public, there will only be further incentive to maximize revenue by selling user data, and more reason to approach corporate social media with caution.

California Town Must Improve Risk Management or Lose Insurance Coverage

Posted on by

Insured City

One southern California town has officially been warned that their insurance will be cut off if city officials do not adopt risk management policies.

Irwindale’s insurer, the California Joint Powers Insurance Authority, issued a performance improvement plan on August 28 and said city liability and workers compensation insurance will be terminated if it does not adopt the measures. Allegations of corruption have cast a pall over the police department and local government, and the city has been forced into almost $2 million in settlement payouts over the past five years, according to the Pasadena Star News.

“They’re on notice that they need to improve their risk management practices within the city’s operations, specifically in the police department, to maintain their insurance coverage with our agency,” JPIA’s risk management program manager Bob May told the paper.

Irwindale has been mired in controversy over the past few years.

Of 24 police officers, three are on paid administrative leave and the department is conducting 14 internal affairs investigations. A local woman recently filed a $20 million lawsuit against the city, alleging that an officer sexually assaulted her during a traffic stop. Police Lt. Mario Camacho has been accused of retaliation by an officer under his command and of sexual harassment by a female cadet. Four city officials are charged with of misappropriation of public funds, embezzlement and conflict of interest resulting from a series of lavish trips to New York City that utilized over $200,000 of public funds.

Under the guidelines from JPIA, the city must hire a permanent human resources manager and council members must complete training on council relations and cooperation. If they do not complete the improvement plan, they risk losing coverage and will have to go to the open market or self-insure.

In September 2011, the JPIA issued a similar warning to the city of La Puente, Calif. As part of the “healthy members program” criteria, which outlines what members should do to stay within risk management guidelines, Insurance Journal reported that the town’s performance improvement plan required that La Puente “hire a permanent city manager, give notice of any harassment and retaliation complaints, and send council members to etiquette classes to learn how to get along.” The city recently completed the program and remains insured.

buy tamiflu online https://silvermancare.com/wp-content/uploads/2023/10/jpg/tamiflu.html no prescription pharmacy

So far, the only town to be officially cut off by the California Joint Powers Insurance Authority is Maywood. The city was dropped in 2010 and the lack of insurance forced the local government to lay off almost all of its employees and disband the police department.