former employee = current data thief

Fifth Circuit Upholds Conviction for Insider Misuse Causing Damage Under CFAA

In United States v. Anastasio N. Laoutaris, the United States Fifth Circuit Court of Appeals affirmed a jury verdict finding Laoutaris guilty of two counts of computer intrusion causing damage, in violation of 18 U.S.C. § 1030(a)(5)(A) and (c)(4)(B)(i) of the Computer Fraud and Abuse Act. Laoutaris had been an IT engineer for Locke Lord … Continue reading Fifth Circuit Upholds Conviction for Insider Misuse Causing Damage Under CFAA

What is “reasonable cybersecurity” and how do courts view it? (SecureWorld interviews)

What is "reasonable cybersecurity" and how do courts view "reasonable cybersecurity"? See KnowB4's discussion of these interviews These are two excellent questions that I was asked and I answered, as succinctly as I could, in two short interviews with SecureWorld. Tell me what you think about my answers. What Is Reasonable Cybersecurity? - SecureWorld article … Continue reading What is “reasonable cybersecurity” and how do courts view it? (SecureWorld interviews)

Uber’s CISO Makes Case for Uniform National Data Breach Notification Law

Uber's Chief Information Security Officer (CISO), John Flynn, made a case for a uniform national data breach notification law in his testimony to members of Congress (see penultimate paragraph of full written testimony): I would like to conclude by stating that we strongly support a unified, national approach to data security and breach standards. We are … Continue reading Uber’s CISO Makes Case for Uniform National Data Breach Notification Law

Uber CISO’s Testimony Clarifies Payment to Hackers was Not Legitimate Use of Bug Bounty Program

As bits of information about the Uber data breach have trickled out, including the purported payment through a bug bounty program, I have been concerned about the implications on legitimate corporate bug bounty programs. My concerns grew when I read the New York Times article, Inside Uber’s $100,000 Payment to a Hacker, and the Fallout.  … Continue reading Uber CISO’s Testimony Clarifies Payment to Hackers was Not Legitimate Use of Bug Bounty Program

House panel to DHS, FBI: help small biz with cybersecurity – start with good cyber hygiene

The following testimony excerpts are very similar to what the #CyberAvengers have been preaching, and for good reason, it is the truth. Checkout the #CyberAvengers Tools for where to begin. Richard Driggers, DHS deputy assistant secretary for the cybersecurity and communications, said that basic computer hygiene, such as regular software updates, could keep small businesses … Continue reading House panel to DHS, FBI: help small biz with cybersecurity – start with good cyber hygiene