[Annual Update] The Intersection of International Law and Cyber Operations: An Interactive Cyber Law Toolkit

The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. At its heart, the Toolkit currently consists of 19 hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. The Toolkit was formally launched on 28 May 2019 in Tallinn, Estonia. Its first general annual update was published on October 2, 2020.

Collaborative Cyber Defense: The U.S. Army and Estonia Sign Historic Agreement

“Estonia is a cyber country of excellence with a robust cyber defensive system in terms of technology and people. Given their deep expertise, I believe they will have substantial lessons to share, which will be enormously helpful in finding efficiencies in our science and technology efforts while understanding how best to defend against cyber warfare,” said Robert Kimball, the C5ISR Center’s senior research scientist for cyber security. Kimball also noted Estonia is home to the NATO Cyber Defense Center and Cyber Range.

Considering the Challenge of Cloud Forensics? A New Publication from NIST

According to NIST in its recently published paper on forensic science challenges and the cloud, “Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted.” The paper goes on to highlight that, “One of the most daunting new challenges is how to perform digital forensics in various types of cloud computing environments. The challenges associated with conducting forensics in different cloud deployment models, which may cross geographic or legal boundaries, have become an issue.” The complete paper, NIST Cloud Computing Forensic Science Challenges, published in August of 2020, aggregates, categorizes, and discusses the forensics challenges faced by experts when responding to incidents that have occurred in a cloud-computing ecosystem.

A New Model for Cybersecurity? NIST Details Framework for Zero Trust Architecture

As highlighted in NIST Special Publication 800-207, no enterprise can eliminate cybersecurity risk. However, when complemented with existing cybersecurity policies and guidance, identity and access management, continuous monitoring, and general cyber hygiene, a properly implemented and maintained Zero Trust Architecture (ZTA) can reduce overall risk and protect against common threats.

Cloudy Considerations? ESMA Draft Guidelines on Outsourcing to Cloud Service Providers

According to the European Securities and Market Authority (ESMA) Chair, Steven Maijoor, cloud outsourcing can bring benefits to firms and their customers, for example, reduced costs and enhanced operational efficiency and flexibility. Cloud outsourcing also raises important challenges and risks that need to be properly addressed, particularly in relation to data protection and information security. Financial markets participants should be careful that they do not become overly reliant on their cloud services providers. They also need to closely monitor the performance and the security measures of their cloud service provider and make sure that they are able to exit cloud outsourcing arrangements as and when necessary.

From Critical Infrastructure to Calamity Avoidance: Two Important Cyberspace Solarium Commission Reports on Cybersecurity

According to the recently published Cyberspace Solarium Commission report “Cybersecurity Lessons from the Pandemic,” the COVID-19 pandemic illustrates the challenge of ensuring resilience and continuity in a connected world. Many of the effects of this new breed of crisis can be significantly ameliorated through advance preparations that yield resilience, coherence, and focus as it spreads rapidly through the entire system, stressing everything from emergency services and supply chains to basic human needs and mental health. The pandemic produces cascading effects and high levels of uncertainty. It has undermined normal policymaking processes and, in the absence of the requisite preparedness, has forced decision-makers to craft hasty and ad hoc emergency responses.

A Cybersecurity Self Check? Medical Facilities Best Practice Test Criteria for Article 32 GDPR

According to the publishers, this paper is an aid to quickly checking your own security with regard to the availability of your own data processing within the meaning of Article 32 GDPR. The scope includes both the non-public as well as the public area. The work was created in a collaboration between the Bavarian State Office for Data Protection Supervision (BayLDA) and the Bavarian State Commissioner for Data Protection (BayLfD). 

Considering Cybersecurity? National Cyber Security in Practice: A New Handbook

“There are several international standards and guidelines for developing the cybersecurity of a single organization, but it is difficult to find comprehensive tools for national governments. This handbook – National Cyber Security in Practice – is designed to fill that gap. The articles, written by seasoned experts, will give the reader an overview of the key elements that underpin the cybersecurity architecture of any country,” highlighted Arvo Ott, Chairman of the Management Board of e-Governance Academy.

A Relevant Ransomware Scenario: The Targeting of Municipal Governments and Healthcare Providers

One of the cyber scenarios highlighted in the Cyber Law Toolkit describes the potential use of ransomware against municipal governments and healthcare providers. Given the pandemic and recession constraints in today’s world, this scenario and its potential implications are more relevant than ever and worthy of consideration by legal, business, and information technology professionals.

U.S. Department of Treasury Takes Actions to Counter Ransomware

According to Treasury Secretary Janet L. Yellen, “Ransomware and cyber-attacks are...

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE): September 2021 Cyber Events Report

The twelfth installment in the cyber events series published by the...

[Legal Education Webcast] Breaches, Responses, and Challenges: Cybersecurity Essentials That Every Lawyer Should Know

Every large corporation and organization today face the significant threat of...

Classifying Ransomware? A Ransomware Classification Framework Based on File-Deletion and File-Encryption Attack Structures

This paper evaluates attack methodologies of a ransomware attack: the underlying...

Mitratech Acquires Alyne

According to Mike Williams, CEO of Mitratech, "The combination of Alyne...

Magnet Forensics Acquires DME Forensics

According to the announcement, under the terms of the agreement, Magnet...

Consilio to Acquire Legal Consulting and eDiscovery Business Units of Special Counsel from Adecco

According to Laurie Chamberlin, Head of Professional Recruitment and Solutions North...

Nuix Acquires Natural Language Processing Company

According to Nuix CEO Rod Vawdrey, “Topos will strengthen Nuix’s product...

A New Era in eDiscovery? Framing Market Growth Through the Lens of Six Eras

There are many excellent resources for considering chronological and historiographical approaches...

An eDiscovery Market Size Mashup: 2020-2025 Worldwide Software and Services Overview

While the Compound Annual Growth Rate (CAGR) for worldwide eDiscovery software...

Resetting the Baseline? eDiscovery Market Size Adjustments for 2020

An unanticipated pandemeconomic-driven retraction in eDiscovery spending during 2020 has resulted...

Home or Away? New eDiscovery Collection Market Sizing and Pricing Considerations

One of the key home (onsite) or away (remote) decisions that...

Five Great Reads on Cyber, Data, and Legal Discovery for September 2021

From countering ransomware to predictive coding and packaged services, the September...

Five Great Reads on Cyber, Data, and Legal Discovery for August 2021

From the interplay of digital forensics in eDiscovery to collecting online...

Five Great Reads on Cyber, Data, and Legal Discovery for July 2021

From considerations for cyber insurance and malware to eDiscovery business confidence...

Five Great Reads on eDiscovery for June 2021

From remediating cyberattacks to eDiscovery pricing, the June 2021 edition of...

More Keepers? Predictive Coding Technologies and Protocols Survey – Fall 2021 Results

From the most prevalent predictive coding platforms to the least commonly...

Glowing Expectations? Eighteen Observations on eDiscovery Business Confidence in the Summer of 2021

In the summer of 2021, 63.3% of survey respondents felt that...

Issues Impacting eDiscovery Business Performance: A Summer 2021 Overview

In the summer of 2021, 24.4% of respondents viewed increasing types...

Looking Up? eDiscovery Operational Metrics in the Summer of 2021

In the summer of 2021, 80 eDiscovery Business Confidence Survey participants...