Business Cyber Risk
Analyzing the Global Impact of Cybersecurity, Law, and Business Risk
Business Cyber Risk

Feds Will Not Charge Good Faith Security Research Under the CFAA

On May 19, 2022, the U.S. Department of Justice directed prosecutors to not charge security researchers who report cybersecurity vulnerabilities in “good faith” with violations of the federal Computer Fraud and Abuse Act (CFAA). The DOJ’s press release titled Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act…

Read More

Is This the Next Evolution of Cyber Risk Governance? The SEC Is About To Force CISOs Into America’s Boardrooms

The SEC is proposing to force boards to do what they haven’t done themselves, govern cyber risk. This article makes some excellent points and I believe it is logical to expect that this could be the next evolution for where cyber risk governance is going. “The trigger for the boards that I’m on came from…

Read More

Cyber Incident Response Preparation and Your Board Pt.2 – The Above Board Show

“Amateurs talk about strategy and tactics. Professionals study logistics.” – General Omar Bradley It was great to be a guest on The Above Board Show hosted by my friends Raf Los and Grant Sewell where we discussed what “The Board” needs to know about security incidents and getting prepared for the worst day ever for…

Read More

Not all HIPAA privacy “breaches” are caused by “hackers” — dentist gets $50k penalty for responding to patient’s Google review

When thinking of HIPAA data breaches, most of us tend to think of situations where the hackers engage in malicious activities against hospitals and steal troves of patients’ protected health information (PHI). There are, however, other much simpler kinds of HIPAA privacy breaches that are easily avoidable and can be quite costly to the healthcare…

Read More

Why does cyber warfare involving Russia and Ukraine increase the risk of cyberattacks against your business?

There are many reasons why the ongoing cyber warfare involving Russia and Ukraine increases the risk of cyberattacks against your business, but, one of the simplest explanations comes from a recent joint FBI and Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Advisory (Destructive Malware Targeting Organizations in Ukraine) that was published on February 26, 2022:…

Read More

Increased Ransomware Threat in Wake of Russia Invasion of Ukraine — Shawn Tuma Discusses

With the Russian invasion of Ukraine well underway, cyber warfare and increased ransomware activity are imminent. Shawn Tuma was a guest on KNX News to discuss the implications for Americans from the government level down to the mom and pop businesses. Listen to the interview HERE. A senior FBI official has asked businesses and local…

Read More

Ransomware Attack Forces Company Into Bankruptcy

A ransomware attack forced United Structures of America Inc. into bankruptcy according to court filings. In May 2019, the Texas-based steel structure manufacturer was the victim of a ransomware attack that encrypted its data (including financial information, accounts receivable, etc.) and the software to run its manufacturing equipment. The company paid the ransom but decryption…

Read More

Shawn Tuma Provided Texas Bar Journal 2021 Cybersecurity & Data Privacy Year in Review Update

Shawn Tuma provided the Texas Bar Journal’s 2021: The Year In Review – Cybersecurity & Data Privacy Update which addressed the following issues: updated Texas data breach notification requirements federal and state hacking laws whistleblower claims for reporting cybersecurity deficiencies within an organization authority of consent for search warrants and password protected devices Read more…

Read More
%d bloggers like this: