5 Key Things In-House Counsel Can Do to Help Their Businesses’ Cybersecurity

internet screen security protection
Photo by Pixabay on Pexels.com

Cybersecurity is a team sport and many people within a business must work together to help effectively manage their businesses’ cyber risk. In-house counsel plays a critical role in this process. A recent Law360 article (subscription required) identified the following key things they can do:

  1. Develop, implement, and table-top test an incident response plan
  2. Advise executives on their ethical obligations (and make sure to mention insider trading on knowledge of cyber incidents)
  3. Have an awareness of applicable laws and regulatory standards
  4. Understand and help manage third-party risk from vendors and business partners

I am adding one more because it is critical: Ensure the business has appropriate cyber insurance to address its unique risks.

Beware: a new scam using key elements of phishing and shame hacking

Cybercriminals are using yet another new twist on the old email phishing attack: they email people claiming to have infected porn sites with malware that allowed them to take over the recipient’s webcam and record them sitting at their computer watching porn and if they don’t pay up, the video is going public. I discuss this new method of attack in the video above.

For people who know they have never watched porn on their computers, this probably isn’t too effective. For everyone else, this threat of public shaming can be a powerful motivation to comply with the extortion demand.

This is another example of what I have often described as shame hacking, the use, or threatened use, of purportedly hacked data for embarrassing or extorting people by threatening to expose such compromising data if they do not comply with the demands made of them.

Shame hacking is one more way that cyber criminals have learned to monetize the fruits of their criminal actions and represents an increasing trend for how hacked information can and will be used for many ways. I have blogged about other cases where hackers have relied on shame hacking for profit.

Dallas / Fort Worth CBS News station in Dallas / Fort Worth did a story about this latest attack and invited Shawn Tuma on to explain more about it. See story here

Why do you need a cyber attorney? Shawn Tuma explains in Ethical Boardroom

spring2018In my latest article in Ethical Boardroom article, I explain some of the not-so-obvious reasons why you need an experienced cyber attorney on your team: Why you need a cyber attorney (Spring 2018)

Here are other Ethical Boardroom (@EthicalBoard) articles that I have written or contributed to that are also available for free:

GDPR, snooping tech, and data privacy — what does this all mean? Shawn Tuma explains

The EU’s GDPR, devices and services snooping on our privacy, and data privacy law – what does this all mean?

Shawn Tuma explains to CW33’s Morning Dose why the EU’s General Data Protection Regulation (GDPR) can be a positive step in the long run for simplifying data security and data privacy when compared to the multitude of different federal, state, and local laws in the United States.

Shawn Tuma discusses on The Michelle Mendoza Show on Seattle’s 820 AM, The Word

 

The EU’s GDPR, attorney Shawn Tuma discusses on the Steve Gruber Show

 

See also: INTEGRATING AMAZON’S “REKOGNITION” TOOL WITH POLICE BODY CAMERAS — SHAWN TUMA DISCUSSES ON CW33 MORNING DOSE

______________________

Shawn Tuma (@shawnetuma) is an attorney with an internationally recognized reputation in cybersecurity, computer fraud, and data privacy law. He is a Cybersecurity & Data Privacy Attorney at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.

Integrating Amazon’s “Rekognition” Tool with Police Body Cameras — Shawn Tuma Discusses on CW33 Morning Dose

There has been an outcry over law enforcement using Amazon’s “Rekognition” facial recognition tool and integrating it with their body cameras for nearly real-time identification capabilities. CW33’s Morning Dose had cybersecurity and data privacy attorney Shawn Tuma on as a guest to discuss this issue, as seen on this video:

 

Here is another story with additional commentary by Tuma (2:01 mark):

 

See also:  The EU’s GDPR, devices and services snooping on our privacy, and data privacy law – what does this all mean? Shawn Tuma discusses on The Michelle Mendoza Show on Seattle’s 820 AM, The Word

 

______________________

Shawn Tuma (@shawnetuma) is an attorney with an internationally recognized reputation in cybersecurity, computer fraud, and data privacy law. He is a Cybersecurity & Data Privacy Attorney at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.