Friday, October 29, 2021

Willie Sutton robbed banks “Because that’s where the money is.” Are law firms attractive targets because of their data?

https://www.databreaches.net/another-law-firm-gets-hit-and-yes-medical-info-was-in-its-files/

Another law firm gets hit….. and yes, medical info was in its files

Today’s reminder that law firms have a wealth of personal, sensitive, and medically related info that is often not covered by HIPAA.

Coughlin & Cerhart (C&G) law firm in New York experienced a security breach in early April. It is not clear from their press release whether this was a ransomware attack or not, and DataBreaches.net has reached out to them to ask for clarification on the nature of the attack, but for now, and of note:

What Information Was Involved? C&G determined that the information impacted by this event varied by individual but may include certain individuals’ names, addresses, Social Security numbers, driver’s license numbers, passport numbers, financial account information, medical information, and health insurance information

Their full press release can be found here.



What duty to act as ‘sole custodian?’

https://www.databreaches.net/uk-tesco-worker-compensated-after-supermarket-lost-15-years-of-her-medical-records/

UK: Tesco worker compensated after supermarket lost 15 years of her medical records

Tristan Cork reports:

A woman from Bristol has been awarded £3,000 in compensation after discovering Tesco had lost 15 years of her employment records, including sensitive medical information.
Jacqueline Ogborne worked for the supermarket chain for 30 years but said the data breach left her ‘feeling violated’.
The 55-year-old only discovered Tesco had lost her employment records, which included counselling notes and personal medical information about her post-natal depression, when she requested it all as part of a employment tribunal claim.

Read more on Bristol Live.



Were you expecting a massive fraud?

https://www.nytimes.com/2021/10/28/technology/clearview-ai-test.html

Clearview AI finally takes part in a federal accuracy test.

Clearview AI scraped more than 10 billion photos from the public internet to build a facial-recognition tool that it marketed to law enforcement agencies for identifying unknown people. Critics have said the company’s product is illegal, unethical and untested. Now, more than two years after law enforcement officers first started using the company’s app, Clearview’s algorithm — what allows it to match faces to photos — has been put to a third-party test for the first time. It performed surprisingly well.

In a field of over 300 algorithms from over 200 facial recognition vendors, Clearview ranked among the top 10 in terms of accuracy, alongside NTechLab of Russia, Sensetime of China and other more established outfits. But the test that Clearview took reveals how accurate its algorithm is at correctly matching two different photos of the same person, not how accurate it is at finding a match for an unknown face in a database of 10 billion of them.

NIST has been testing the accuracy of face recognition vendors since 2000, but participation is voluntary and testing isn’t required for government agencies to buy the technology. Though its accuracy had never been audited by NIST, Clearview AI claims thousands of local and state police departments as customers; a recent report from the Government Accountability Office also cited use by a number of federal agencies, including the F.B.I., the Secret Service and the Interior Department.



Tools & Techniques.

https://www.fedscoop.com/machine-learning-and-ai-may-help-5g-cloud-providers-detect-sophisticated-attacks-nsa/

Machine learning and AI may help 5G cloud providers detect sophisticated attacks — NSA

Artificial intelligence and machine learning systems may help 5G cloud providers detect the presence of sophisticated attackers and other security incidents, according to new guidance from the National Security Agency.

In a report published on Thursday, the intelligence agency said that while technology providers would have to balance data confidentiality requirements with the ability to inspect network traffic, sophisticated real-time continuous monitoring may be crucial in detecting the malicious use of cloud resources.

Stakeholders at all layers of the 5G cloud stack should leverage an analytic platform to develop and deploy analytics that process relevant data (cloud logs and other telemetry) available at that layer. The analytics should be capable of detecting known and anticipated threat, but also be designed to identify anomalies in the data that could indicate unanticipated threat,” the agency said in the document.

https://media.defense.gov/2021/Oct/28/2002881720/-1/-1/0/SECURITY_GUIDANCE_FOR_5G_CLOUD_INFRASTRUCTURES_PART_I_20211028.PDF



Perspective.

https://www.theverge.com/22749919/mark-zuckerberg-facebook-meta-company-rebrand?scrolla=5eb6d68b7fedc32c19ef33b4

MARK ZUCKERBERG ON WHY FACEBOOK IS REBRANDING TO META

For the first time in 17 years, Mark Zuckerberg has a new job title.

On Thursday, he officially became the CEO and chairman of Meta, the new parent company name for Facebook. The rebrand is about solidifying the social media giant as being about the metaverse, which Zuckerberg sees as the future of the internet. Zuckerberg is staying in control of everything. He told me in an interview that, unlike the founders of Google who stepped aside in 2015 when it became part of a holding company called Alphabet, he has no plans to give up the top job.



Rather insightful…

https://sloanreview.mit.edu/article/rethinking-assumptions-about-how-employees-work/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+mitsmr+%28MIT+Sloan+Management+Review%29

Rethinking Assumptions About How Employees Work

A management meme of the last year asks, “Who led digital transformation in your company?” The answer is not the CEO or COO or CIO. It’s COVID-19.

While darkly funny, it highlights an important point. The pandemic unleashed unprecedented levels of change in the business environment. In April 2020, soon after much of the world entered lockdown, Microsoft CEO Satya Nadella said, “We’ve seen two years’ worth of digital transformation in two months.”

… In this first of three articles, I lay out a set of assumptions about how employees work that may need rethinking in your business. In my next two articles, I will examine assumptions around the customer experience and digital transformation.



Perspective.

https://www.bespacific.com/how-do-you-define-legal-tech/

How Do You Define ‘Legal Tech’?

Artificial Lawyer: “What is legal tech? How can we define the term? It sounds easy, but try and figure out where it begins and where it ends, and you soon find yourself in a logic puzzle. Artificial Lawyer asked a range of experts from across the market how they would define ‘legal tech’. Here is what they said…

[snipped] Legal technology is generally understood to include technology and software aimed at the legal services market, which means it is necessarily quite broad. ‘However, I think the line needs to be drawn on whether the technology was conceived or designed to (i) support a lawyer to deliver services to clients in a new or more efficient way (ii) enable a consumer to access legal advice in new or more efficient way or (iii) to entirely disrupt a legal process.’ And that third aspect stands out, i.e. that it could be tech that isn’t just to help lawyers, or help people with legal services, but completely changes a legal process…”



Tools & Techniques

https://www.bespacific.com/the-research-and-writing-template/

The Research and Writing Template

Kitenge, Erick and Trautman, Lawrence J., The Research and Writing Template (August 26, 2021). Available at SSRN: https://ssrn.com/abstract=3911637 or http://dx.doi.org/10.2139/ssrn.3911637

While every business school discipline (accounting, business law, communication, economics, entrepreneurship, finance, management, marketing, organizational behavior, and strategy) each possess scholarly trends and momentary fashion, scholarly research and writing has developed over the years in a manner that lends itself to some useful generalizations. Particularly for young scholars who are new to the challenges of research methods, a clear picture of at least one acceptable approach to the articulation of a research problem seems useful. We have drafted this introductory reading with a view toward providing just that, some initial thoughts to prod the thinking about the research and writing process. We seek to provide a quick read of thirty minutes or less to set the stage for all the hard work, dismissed ideas, and blind alleys that inevitably confront the PhD student about to embark on a journey that will hopefully lead, just a few years later, to a relatively quick (maybe a year or two less than the norm) completion of a thoughtful, cogent, and important dissertation having “real world” scholarly impact.”


No comments: