Explaining Third Party Cyber Risk and the Role of Contracts to Business Lawyers

This morning I am in Austin, TX about to speak to a room full of business lawyers about the importance of understanding and managing third party cyber risk and the role that contracts have in this process. I recognize that they are not aspiring to be cyber or privacy lawyers and have plenty to keep … Continue reading Explaining Third Party Cyber Risk and the Role of Contracts to Business Lawyers

Healthcare Providers – Are You Prepared for Hackers to Tell Your Patients About Your Ransomware and Data Breach?

If you are a healthcare provider, you need to prepare yourself now for the new reality that, when hackers get into your network, they will contact your patients to put pressure on you to pay their ransom demands — usually after they have encrypted your network. Here is an example from a recent case that … Continue reading Healthcare Providers – Are You Prepared for Hackers to Tell Your Patients About Your Ransomware and Data Breach?

Is #ShameHacking Coming Next? Hackers Breach Search Engine for Japanese Sex Hotels

Life is short - it is shorter when hackers tell your spouse Shame hacking -- the use, or threatened use, of purportedly hacked data for embarrassing or extorting people by threatening to expose such compromising data if they do not comply with the demands made of them -- is a thing. A search engine for … Continue reading Is #ShameHacking Coming Next? Hackers Breach Search Engine for Japanese Sex Hotels

Was the ransomware attack on 20+ Texas local governments an attack on a single service provider? [UPDATE: YES!]

The Texas local governments attack seems to me to be more akin to the trend we have been seeing in 2019 with attackers targeting one MSP and then using that access and the MSP’s tools to attack / encrypt the MSP’s individual clients. If I’m not mistaken (and, I could be), the Texas DIR often … Continue reading Was the ransomware attack on 20+ Texas local governments an attack on a single service provider? [UPDATE: YES!]

Texas AG: Business Must Implement and Maintain Reasonable Cybersecurity Safeguards

Go here to read: Texas Businesses Must Implement and Maintain Reasonable Cybersecurity Safeguards According to State Attorney General