Author: Shawn E. Tuma

Shawn Tuma is an attorney who is internationally recognized in cybersecurity, computer fraud and data privacy law, areas in which he has practiced for nearly two decades. He is a Partner at Spencer Fane, LLP where he regularly serves as outside cybersecurity and privacy counsel to a wide range of companies from small to midsized businesses to Fortune 100 enterprises. You can reach Shawn by telephone at 972.324.0317 or email him at stuma@spencerfane.com.

Working From Home During COVID-19? Five Things You Should be Doing–But Probably Are Not–To Be More Cyber Secure (publication)

Many thanks to the Texas Bar Journal for publishing my recent article, Working From Home During COVID-19? Five Things You Should be Doing–But Probably Are Not–To Be More Cyber Secure, in the Cybersecurity Issue: Without an understanding of the particular organization or the unique risks it faces, it is impossible to know what is best or…

Read More

The Art of Cybersecurity: How Sun Tzu Masterminded the FireEye / US Agencies / SolarWinds Cyberattacks

Sun Tzu taught that, when it comes to the art of cybersecurity, you must be wary of your business partners and other third parties. Why? Unless you are living under a rock, you should have heard that FireEye–perhaps the preeminent cybersecurity firm on the face of the planet–was the victim of a successful cyberattack. So…

Read More

***URGENT*** MEMO TO: “The IT Guy” RE: Securing RDP Access–Changing the RDP Port Does Not Work!

***URGENT MEMORANDUM*** TO:   “The IT Guy” FROM:   Your clients’ Incident Response Coach SUBJECT:   Securing RDP Access–Changing the RDP Port Does Not Work! This Memo comes out of necessity, please take it seriously. I have now lost track of how many times over the past couple of months I have been on “scoping calls” with a…

Read More

Think your company is too sophisticated to be hit with a successful cyber attack? Ask FireEye …

A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful cyberattack against it. They think their company is doing it all right and this is only the kind of stuff that happens to “the…

Read More

2 Critical Cyber Insurance Issues All Companies Must Consider Now, Before an Incident!

There are two critical cyber insurance issues that every single company must understand right now, before they have an incident:  In today’s environment, every company has substantial cyber risk and every company needs cyber insurance. Period. Cyber insurance is not covered by typical business insurance and companies must have the right cyber insurance for their…

Read More

Simple Mistakes – Not Always “The Hackers” – Can Cause Substantial Data Breaches

It is not always the feared and dreaded “hackers” that cause the exposure and breach of confidentiality of sensitive personal information. Sometimes it’s just simple mistakes, but the consequences can be much the same. Consider this situation: NTreatment inadvertently exposed thousands of medical records online by neglecting to add password protection to one of its…

Read More

Think your company is too sophisticated to be hit with a ransomware attack? Ask Advantech …

A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful ransomware attack against it. They think their company is doing it all right and this is only the kind of stuff that happens to…

Read More

The Home Depot / State Attorneys General Settlement – My 1st and 2nd Thoughts

The Attorneys General of 46 states reached a $17.5 million-dollar settlement with The Home Depot, which was announced on November 24, 2020. Texas Attorney General Ken Paxton announced that this settlement was led by the Connecticut, Illinois, and Texas AGs and Texas will collect $1,777,440.00. I will have more to say about this settlement in…

Read More
%d bloggers like this: