E-mail exposure: Is your company liable?
Watch out! You may be responsible for gremlins in your corporate e-mail.
Computerworld - Brace yourself: You could be legally responsible for worldwide network security. OK, that may be an overstatement, but it does capture the essence of what's ahead. Companies that pass viruses, worms or any type of malware to other companies via electronic transmissions such as e-mail could find themselves in court, say legal and security experts. And they could be held liable for damage done, even if they unintentionally spread such cyberpests.
"There's very little question that it's going to come. The concept of due diligence has done nothing but push its way out into the consciousness of everyone in this country," says Charles Hibnick, chief systems security architect at AvMed Health Plans Inc., a health insurance company in Miami.
The stage is being set for such action, experts say. Federal laws, government agencies and private organizations are setting new standards for network and Internet security. Meanwhile, lawyers are testing various legal theories for punishing cyberspace criminals. And some companies with established relationships are signing contracts detailing security expectations that prohibit even the accidental transmission of malware.
Given all this, can litigation be far off?
"I do think we are looking at this type of litigation in the future. And I think it's going to happen sooner rather than later," says Rodger Cole, a litigation partner at Fenwick & West LLP in Mountain View, Calif.
Image Credit: Emmanuel Kerner
Some cases involve companies inadvertently releasing viruses, worms and the like, she says. Others involve contractual liability in situations where companies had agreements to keep systems secure. Davis says these cases haven't wound up in court - yet - because executives prefer to avoid the media spotlight on such issues.
"You certainly have claims. What people usually do is turn it against their own corporate insurance policies," she says, adding that traditional policies generally won't cover such claims, however.
Given the state of electronic communications, the potential for getting into trouble is staggering.
"If you're operating on the Internet today, there is some level of constant attack activity," says Art Manion, an Internet security analyst at the CERT Coordination Center at Carnegie Mellon University's Software Engineering Institute.
Viruses, worms, Trojan horses, botnet zombies, distributed denial-of-service attacks, hacking, blended threats -- they're all out there, and many can hitch rides with e-mails and electronic transmissions, including instant messages.
"We're up to
- 5 eDiscovery Challenges Solved eDiscovery challenges continue to present themselves as data storage becomes more complex and grows the Big Data Era. Read this CommVault Solution Brief...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- PST Archiving: What is it and How is it Done? Learn more about what PST data is, the risks relating to it, and how the new PST Archiving feature in the Simpana 10...
- HP DevOps KnowledgeVault This interactive resource focuses on the evolution taking place in the world of software development, specifically the Agile development framework, and the gap... All Gov't Legislation/Regulation White Papers | Webcasts
Computerworld has launched its annual search for outstanding IT leaders who align technology with business goals. Nominate a top IT executive for the 2015 Premier 100 IT Leaders awards now through July 18.