Baker Hostetler partner Judy Selby asks, "What do Sony Corp.'s PlayStation Network, Zappos.com, Hannaford Brother Co.'s grocery stores, and South Carolina's Department of Revenue all have in common?"

If you answered serious data breaches involving the personal and financial information of over 100 million users, 24 million customers, and 3.6 million unencrypted Social Security numbers respectively, you get the gold star.

But now that data breaches are rampant — with a Ponemon Institute survey reporting 50 organizations experiencing 72 cyberattacks per week — not to mention the compliance issues these attacks raise with federal laws such as the Health Insurance Portability and Accountability Act and Gramm-Leach-Bliley, what are corporate entities expected to do about it?

Selby suggests some of the issues raised by cyberattacks can be met by the aptly named "cyberinsurance." While some may see hype and scareware in this growing line of coverage, Selby lists some of the benefits of cyberinsurance policies, which can range from covering violations of privacy laws that includes paying fines to "cyber-extortion," or meeting the expenses of a threat to disrupt a company's (or law firm's or government agency's) computer systems. Coverage is also available for threats to or attacks on a policyholder's reputation.

Another area covered under the cyberinsurance umbrella is cloud computing, since, as Selby writes, "Cloud customers may not be able to contractually transfer the risk of data breaches to the provider." Some might argue that if a cloud provider doesn't have its own policy in place for cyberattacks, don't sign the contract and seek out a safer cloud. Others might counter you should find coverage where you can.

Read the full article on LTN online.

Image by Dan Hilowitz

The way you type on your computer's keyboard is as unique as your handwriting, and may even be a matter of national security, an Iowa State University engineering professor says.

In the land of digital investigations, investigators and data collectors may find, in the not too distant future, the need for a custodian to stand by to enter their password for system access.

Thanks to a $500,000 research grant from the U.S. Defense Department, they're looking for better ways than hacker-prone passwords to protect its systems, and are betting that ISU Professor Morris Chang is right. Chang, recently quoted in USA Today, an associate professor of electrical and computer engineering, said we all take unique pauses between keystrokes, especially when typing complicated words.  "When you spell a particular word, you may have a tendency to pause at a certain character," Chang said. "Your pause would be different than mine."

Warm thanks to the Colorado Association of Litigation Support Professionals for the invitation to participate in its fifth annual E-Discovery Summit — especially leaders Shari Bjorkquist Rich and Jeff Staal. It was a fascinating day, here's a link to my report from today's Law Technology News website. 

In addition to the presentations from U.S. District Court (Colorado) Magistrate Judge Michael Hegarty, left, and Quarles & Brady partner William Hamilton (below right), that are detailed in the article, other panelists included Cheryl Proctor, director of client services at Baker Donelson Bearman Caldwell & Berkowitz; and Patrick O'Rourke, of the Office of the University Counsel at the University of Colorado. Proctor detailed how her firm handles EDD decisions; O'Rourke offered tips to using technology to enhance jury presentations. 

Hamilton did double duty, subbing for Perkins Coie's Debra Bernard who had a last minute conflict and could not present her scheduled discussion of the 7th Circuit EDD pilot program -- a closely watched experiment that is generating raves, and is expected to be cloned in other jurisdictions. Hamilton is the new dean of Bryan University's online program that offers a graduate certificate in e-discovery, and has been chair of the advisory board of the Association of Certified E-Discovery Specialists.

I offered an overview of some of the key 2011 legal technology issues, including the controversy over e-discovery certification and the failure of law schools to educate students on law practice management and EDD; the EDD ramifications of the "consumerization" of technology (read: Apple) within legal organizations; associate insider trading; and more.

Images: Hegarty (Monica Bay), Hamilton (Courtesy of Quarles & Brady).

The report: "Leaking Vault 2011 — Six Years of Data Breaches" analyzes 3,765 data loss incidents, with a known disclosure of 806.2 million records. The organizations listed in the report lost a staggering 388,000 records per day (15,000 records per hour) every day for the past six years! The estimated cost for these breaches totals more than $156 billion dollars.

Laptops remains the leader in incidents, but e-docs is fast growing. Documents have been trending upward for several years and is a potential contender to overtake laptops as the incident leader. I highly recommend this report to anyone interested in data loss prevention and security surrounding e-discovery.  A full copy of the report is available here.