Category Archives: Cybersecurity Law

Texas Developer Sentenced to 4 Years for “Kill Switch” Cyberattack on Former Employer

A former Eaton Corp. software developer received a 4-year federal prison sentence for deploying a “kill switch” that locked out thousands of users and caused over $360,000 in damages. Learn what happened and key lessons for businesses to prevent insider threats.

Privilege Requires Precision: Sixth Circuit’s Reminder for Internal Investigations

In a recent decision, the Sixth Circuit offered a timely reminder for legal teams conducting internal investigations: attorney-client privilege is powerful—but only when used with precision. In In re FirstEnergy Corp., No. 24-3654, 2025 WL 1234567 (6th Cir. Aug. 7, 2025), the court examined whether FirstEnergy could shield communications related to its internal investigation into alleged misconduct. …

Continue reading “Privilege Requires Precision: Sixth Circuit’s Reminder for Internal Investigations”

***URGENT*** MEMO TO: “The IT Guy” Re T/A Negotiations After Ransomware Attack

Here’s a pro tip for “The IT Guy” or MSP whose customer has just been hit with ransomware, when it was their responsibility to protect against it: No matter how strongly you may feel about this issue, when your client is contemplating possibly paying the ransom to get their network recovered (and, save themselves from …

Continue reading “***URGENT*** MEMO TO: “The IT Guy” Re T/A Negotiations After Ransomware Attack”

The Importance of GC+CISO Relationships in Cybersecurity (a New Project)

In early June 2024, my friend David Malicoat graciously invited me to be a guest on The Professional CISO Show and, while I was incredibly honored, I was a bit hesitant as well. I had just begun working on a concept (partially inspired by my friend Dena DeNooyer Stroh, most immediately, but also by my …

Continue reading “The Importance of GC+CISO Relationships in Cybersecurity (a New Project)”

Texas Attorney General Issues Consumer Alert Warning Texans of Potential Scams Following Nationwide CrowdStrike Outage

FOR IMMEDIATE RELEASEJuly 19, 2024www.texasattorneygeneral.govPRESS OFFICE: (512) 463-2050Communications@oag.texas.govAttorney General Ken Paxton Issues Consumer Alert Warning Texans of Potential Scams Following Nationwide CrowdStrike Outage   AUSTIN – Texas Attorney General Ken Paxton warned Texans of potential scams following the widespread CrowdStrike service outage.  Texans should be aware that bad actors can use cybersecurity incidents to take advantage …

Continue reading “Texas Attorney General Issues Consumer Alert Warning Texans of Potential Scams Following Nationwide CrowdStrike Outage”

OCR Settles HIPAA Security Rule Enforcement Action with Heritage Valley Health System Stemming from Ransomware Attack

On July 2, 2024, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with Heritage Valley Health System (Heritage Valley), a healthcare provider operating in Pennsylvania, Ohio, and West Virginia. This is the OCR’s third ransomware settlement and is based on allegations of potential violations of the Health …

Continue reading “OCR Settles HIPAA Security Rule Enforcement Action with Heritage Valley Health System Stemming from Ransomware Attack”

Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative

FOR IMMEDIATE RELEASEJune 4, 2024www.texasattorneygeneral.govPRESS OFFICE: (512) 463-2050Communications@oag.texas.gov Attorney General Ken Paxton Launches Data Privacy and Security Initiative to Protect Texans’ Sensitive Data from Illegal Exploitation by Tech, AI, and Other Companies  AUSTIN – Texas Attorney General Ken Paxton has launched a major data privacy and security initiative, establishing a team that is focused on aggressive …

Continue reading “Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative”

Discussion on Cyber Security and Cyber Law Identity Governance Matters for #AuditTuesday Show

It was great to be a guest on the YouAttest #AuditTuesday show to talk about Cybersecurity and Cyber Law Identity Governance Matters. If you enjoyed this video, please join the discussion here on LinkedIn! https://youtu.be/wwEphvc7mN4?si=fa5yRK1dKUQAqIpO

Texas Bar Journal 2023 Cybersecurity & Data Privacy Year in Review

I am happy that I was able to provide the Texas Bar Journal’s 2023: The Year In Review – Cybersecurity & Data Privacy Update which addressed the following issues: how the Texas “hacking laws” and issue of “consent” impact the discovery of evidence of child pornography whether sending a malicious phishing email violates “hacking laws” …

Continue reading “Texas Bar Journal 2023 Cybersecurity & Data Privacy Year in Review”

Neural Privacy is Where It’s At — Brain Scanning Technology is Causing States to Look at Protecting the Privacy of Our Thoughts

UPDATES 2024.03.15 Neuralink is now being used to play chess! https://www.youtube.com/watch?v=LfwzfP8cp3A This morning I read an article about how brain scanning technology is causing Colorado and Minnesota to propose legislation that is aimed at establishing rights and protections for information collected from our thoughts through the neural signals that can be scanned and collected from …

Continue reading “Neural Privacy is Where It’s At — Brain Scanning Technology is Causing States to Look at Protecting the Privacy of Our Thoughts”