The End of Security as We Know It

Cryptocurrency

If you listen very carefully, the age of information security as we know it ended recently, not with a bang, but with a whimper.  While that may be something of an overstatement, a recent event put us on the track to that very end.

Consider the “old-way”: Your company decides to engage a vendor to provide services or products in which the vendor will have possession of, hosting of, access to, or other use of your sensitive data or interaction with your production systems.  In those cases, a prudent company would do three things to address information security. First, they would conduct due diligence of the vendor’s security practices, including past security incidents, compliance with recognized security standards, security policy review, etc.  Second, they would include specific, strong protections in their contract with the vendor addressing the vendor’s obligations with regard to security, including service level obligations to ensure the availability of critical data.  Finally, a prudent company would conduct post-contract execution audits and inspections to ensure the security requirements in the agreement are being followed.

Continue reading this entry

Strategies for Protecting Against Vendor Payment Fraud

balance sheet

Cybercrime is an ever-increasing threat from which manufacturers are not immune. Although reliable statistics are not available, one particular type of scheme that seems to be on the rise is vendor payment fraud.  In cases of vendor payment fraud, the fraudster poses as an existing supplier and provides the manufacturer with seemingly legitimate instructions changing the account payment information.  The exact means by which vendor payment fraud schemes are perpetrated can take many forms.  However, the most sophisticated and hardest to detect schemes often involve “hacking” into the vendor’s systems and sending a seemingly legitimate email or other instruction directing the change.

Continue reading this entry

Have Electric Scooters Pushed Cities Too Far?  

In our May 31 article, “Scooters – The Next Mobility Wave”, we talked about how electric scooters such as Lime, Bird, and Spin have been taking cities by storm. We noted how they are many times met with enthusiasm by the younger and more adventurous residents who can easily find a scooter using an app on their phone, unlock it by scanning a code on the handle, and off they go. On the other hand, cities and municipalities, are cautious to embrace the new technology (sound familiar?), frequently at the behest of the older or less technologically adept residents. Often, these cities cite a host of problems, including pedestrian injuries, people riding on sidewalks, riders not wearing helmets and unused scooters blocking walkways and critical access to curb space. Across the country, cities’ approaches to handing these new forms of transit have been mixed, at best, and convoluted at worst.

Continue reading this entry

3D Printing Continues Making Inroads in Auto Industry

Additive manufacturing (aka 3D printing) has long been a growing part of the auto industry.   Companies started out using 3D printing for prototypes and small batch production.  As technology advanced, the role of 3D printing is rapidly increasing.  This week, several major players in the auto industry announced new developments for the role of 3D printing in the industry.  HP unveiled its “Metal Jet” 3D printers, which it describes as 50 times more productive, with lower operating and purchase costs than existing technology.  HP has already partnered with suppliers in the auto industry on the technology, and GKN Powder Metallurgy is already using the printers in its factories.

Continue reading this entry

Is California’s Consumer Privacy Act of 2018 going to be GDPR version 2?

California

While there is time before the California Consumer Privacy Act of 2018 comes into effect, which is January 1, 2020, businesses need to start planning now for compliance. The CCPA provides California consumers with significantly expanded rights as to the collection and use of their personal information by businesses. It covers any business meeting revenue or data collection volume triggers and that collects or sells information about California residents.

Continue reading this entry