Category Archives: Uncategorized

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

Annual Judicial ‘Hellholes’ Report is Out

Posted on by

Each year the American Tort Reform Association (“ATRA”) publishes its “Judicial Hellholes Report” and examines problems in state court systems and challenges for corporate defendants in the fair and unbiased administration of justice.

The ATRA’s 2014 report was published this morning; a copy is here, as well as an executive summary here.

Insofar as the report identifies and defines a judicial hellhole as a jurisdiction where judges in civil cases systematically apply laws and procedures in an unfair and unbalanced manner, the Judicial Hellholes Report is an important read for corporate counsel facing class action exposures. In sum, if one has to litigate class actions and make decisions with respect to venue strategy, the Report is a “must read.”

The 2014 Hellholes

The ATRA included seven jurisdictions on its hellholes list – including New York (especially in its treatment of asbestosis litigation in New York City), California, West Virginia, Florida (especially rulings of the Florida Supreme Court), Illinois (especially Madison County, Illinois), Missouri (especially rulings of the Missouri Supreme Court), and Louisiana – where it ranked the venues as the “most unfair” in their handling of civil litigation. Commenting on California in particular, the report asserts that it is characterized by “a generally permissive judiciary that invites wholly absurd lawsuits that clog dockets, even as the state’s perpetually precarious finances have led to sharp cuts in court budgets.”

The 2014 “Watch List”

The ATRA included six jurisdictions on its “watch list,” including New Jersey (especially Atlantic County), Mississippi (in the Delta region), Montana, Nevada, Virginia (principally in the Newport News area), and Pennsylvania (especially in Philadelphia). Just a notch below the seven hellholes, the “watch list” jurisdictions also present significant challenges for corporate defendants.

Implications for Employers

The Judicial Hellholes Report dovetails with the experience of employers in high-stakes workplace class actions, as California, Florida, Illinois, Nevada, New Jersey, New York, and Pennsylvania are among the leading states where plaintiffs’ lawyers file employment discrimination and wage & hour class actions in state courts. These jurisdictions are linked by class certification standards that are more plaintiff-friendly and generous damages recoveries under state laws.

This column was previously posted on the Seyfarth Shaw website.

Lessons Learned from Data Breaches

Posted on by

Recent data breaches have left some large organizations reeling as they deal with the aftermath. They include the Target data breach, compromises at Home Depot, JP Morgan, USPS (which exposed employee Social Security Numbers and other data) and, most recently, Sony Pictures. The Sony hack also proved to be embarrassing to some of the company’s executives, as private email correspondences were exposed.

Collateral damage from data breach is significant: one in nine customers affected by a data breach stopped shopping at a particular retailer. According to LifeLock, a recent survey of corporate executive decision-makers found that while concern for a breach is 4 or 5 on a 5-point scale, only 10% to 20% of their total cyber security budgets go to breach remediation. Establishing an incident response plan in advance can reduce the cost per compromised record by $17.

While strengthening cybersecurity is important, the impact on breached organizations shows that preparing a response must be part of the breach-management equation. These breaches present an opportunity for business leaders and risk professionals to learn important lessons about how to protect their companies, customers and employees if a breach should occur.

Below are steps companies can take to establish a response plan, as well as information on the data breach landscape.

 

 

 

Risk Management, Board Collaboration Can Bolster Cyber Defense

Posted on by

Risk management executives are charged with preparing companies for, and protecting them from, a broad array of emerging risks. Today, there is perhaps no threat that poses more danger than a cyberattack, which could result in a data breach or compromising sensitive information. Given the rapid increase in frequency and severity of high-profile cyberattacks in recent months, organizations must confront cybersecurity issues with greater focus, specificity and commitment.

Of note, an astounding 43% of U.S. companies experienced a data breach in the past year, according to the Ponemon Institute’s 2014 annual study on data breach preparedness, a 10% increase from 2013. These alarming trends are compelling companies to create programs centered on cyber risk awareness, education and preparedness. These programs are vital to the company’s performance and growth; the 2014 Cost of Data Breach Study by IBM and the Ponemon Institute reveals that the average cost to a company from a data breach was about $3.5 million per breach in 2014 – a 15% increase since last year. A company’s intellectual property and customer data may also be compromised in a cyberattack, expanding potential casualties beyond financial losses.

Risk management executives cannot confront this issue alone. Because the responsibilities of management and boards of directors are not limited to having a thorough understanding of cybersecurity issues, they must also be aligned on a clear-cut strategy for both preventing and responding to cyberattacks. This strategy includes efforts to improve education, implement preparation measures before an attack strikes and continued adherence to best practices in all board-related activities.

Awareness and Education

At the most fundamental level, boardrooms must increase the company’s resiliency in the face of cybersecurity threats by increasing awareness of the topic and the associated risks. Unfortunately, boardrooms are struggling to properly educate directors on the topic: a 2012 Carnegie Mellon poll of how U.S. boards are managing cyber risks found that 71% rarely or never review privacy and security budgets, 80% rarely or never review roles and responsibilities, and nearly two-thirds rarely or never review top-level policies. Additionally, more than half of directors surveyed rarely review security program assessments. Every director should make cybersecurity a topic on the board’s agenda and ask questions if there is any confusion or doubt.

Preparation

Directors who are properly aware and educated on the topic of cybersecurity are therefore more prepared and versed in the case of a crisis, not only as individuals but as a collective management team. Given the potential economic consequences of these attacks, it is essential that boardrooms are aligned on the company’s response strategy. It is critical that there be a clear understanding among all levels of a management team about who is responsible for managing this issue. Directors who are familiar with their company’s IT department are better able to determine if the team is equipped to effectively address cybersecurity. Cyber policies must remain updated and understood by all in order to decrease chances for exposure.

Best Practices

A critical part of boardroom preparedness is ensuring that directors are pursuing best practices to decrease changes for exposure and there increase resiliency. There are several practices companies can adopt to ensure this level of preparation:

  • Education and preparation: Board members must be educated on cybersecurity and its risks so that they are prepared to manage any situation or crisis. Oftentimes, companies increase their vulnerability by failing to provide directors with the proper tools and information.
  • Secure communication: Companies must provide board members with a secure way to share and communicate about critically sensitive information. In order to prevent careless oversharing, this information should never be sent via email. Board members must have a thorough understanding of cloud services. Although these solutions provide an easy way to upload and download files, many have been successfully hacked, compromising private files and email addresses.
  • Collaborate and strategize: When directors have a clear understanding of cyber security and the associated risks, they are more equipped to collaborate and strategize around managing any issues related to cybersecurity. With increased board-level conversation about cybersecurity, directors are able to determine if managing cybersecurity is the purview of the audit committee, a separate committee, the company’s IT department or CIO.

Education, awareness and preparedness are critical components to help mitigate vulnerability and risks of cyberattacks. Boardrooms must be open to embracing new strategies and technologies in order to ensure their communication capabilities are secure while remaining fast and accessible. Organizations need to prioritize cybersecurity training to ensure that boardrooms are acting in the company’s best interest and are confident in its cyber crisis response strategy. Although risk has been an evolving factor impacting businesses of all types and sizes throughout history, cybersecurity presents a new challenge—and it is one that can be confronted successfully with the correct management strategy and tools.

Data Analytics as a Risk Management Strategy

Posted on by

In our increasingly competitive business environment, companies everywhere are looking for the next new thing to give them a competitive edge. But perhaps the next new thing is applying new techniques and capabilities to existing concepts such as risk management. The exponential growth of data as well as recent technologies and techniques for managing and analyzing data create more opportunities.

Enterprise risk management can encompass so much more than merely making sure your business has purchased the right types and amounts of insurance. With the tools now available, businesses can quantify and model the risks they face to enable smarter mitigation strategies and better strategic decisions.

The discipline of risk management in general and the increasingly popular field of enterprise risk management have been around for years. But several recent trends and developments have increased the ability to execute on the concept of enterprise risk management.

First, the amount of data being produced everywhere has exploded and continues to accelerate. The typical executive today is swamped by data coming from all directions. Luckily, just as the raw amount of data has grown, the cost of the hardware to store data has decreased at an exponential rate. For example, in the last 10 years, retail hard-drive costs have dropped from about $1.20 per gigabyte (GB) in 2004 to about 4 cents per GB today. What’s more, the cost of hardware to store all that enterprise data is quickly becoming negligible.

But such huge amounts of data present a problem: Somebody has to manage and analyze it. All data is not equally important or relevant to the problems business executives need to solve or the risks they’re trying to manage. The explosion of data has created a greater amount of helpful and relevant data, but it can get lost in an even greater amount of useless, irrelevant, and distracting data. So an effective data management and analytics program is crucial to take advantage of the opportunities resident in the new flood of data.

One job of analytics is to sort the important from the unimportant and analyze and synthesize the data in new ways that create actionable information. Fortunately, the tools and techniques to manage large volumes of data have been progressing over the past several years. In particular, there has been a lot of buzz about big data. The field of big data has developed from a specific platform to manage large volumes of data into an entire ecosystem of related technologies. These tools are critical to the process of picking out the grains of useful intelligence from the vast quantities of distracting chaff that are characteristic of many big data sources.

Of course, all the recent technical developments and analytic techniques that make it possible to extract actionable information from a flood of data are all professionally exciting—if you’re an analyst. However, analytics for analytics’ sake does not help an organization. Often, analytics groups can remain isolated from the business itself. When such groups ultimately present what they have discovered, they may simply talk about the part most interesting to them—the analytics process—rather than focusing on the resulting information.

It is important to remember that actionable information is the ultimate goal of the entire exercise. The information must reach the decision makers in an understandable form when it is needed—the right information at the right place and at the right time. When designing information systems or even just presenting information to business executives, it is important for technical professionals to keep technical details to a minimum and focus on the actionable information.

A feedback mechanism is critical. Users of the information must have a method to tell the creators of the information whether it was sufficient, correct, timely and understandable.

It’s been said that the three most important factors in real estate are location, location, and location. Similarly, the three most important factors in effective analytics are data, data, and data. Good data can sometimes make up for mediocre analytics, but even the best analytics will never produce anything useful from poor data.

Where should a business begin to leverage the new data and risk analytics? It has to start with the data itself. So start collecting and storing the data that’s available to you. Every business generates vast amounts every day. Collecting, managing, and analyzing internal data is necessary; but by looking outside the organization at social media, government data sources and third-party data vendors, a company can really begin to illuminate the environment in which it operates.

Managing data for analytics is a specialized field in its own right, and a topic for another day. But the business that can effectively leverage data and analytics to manage the risks it faces will be rewarded by seeing the future more clearly, making better decisions and ultimately being more successful than those companies that cannot.