Category: Data Breach

SEC Continues to Emphasize Importance of Cybersecurity and Cyber Risk Governance

“While this is an oversimplification of all of the requirements and nuances of the forthcoming SEC rules, the SEC’s objectives are to require companies to provide meaningful and actionable information to shareholders to better understand companies’ cyber risks and how companies are managing and responding to them. From a very high level, this can be…

Read More

Shawn Tuma Provided Texas Bar Journal 2022 Cybersecurity & Data Privacy Year in Review Update

Shawn Tuma provided the Texas Bar Journal’s 2022: The Year In Review – Cybersecurity & Data Privacy Update which addressed the following issues: updated Texas cyber event notification requirements for Texas state banks Texas AG enforcement of data protection laws federal and state hacking laws former owner of company accessing company network attorney immunity for…

Read More

“Data is the hot potato!” — some data governance lessons from the Twitter Whistleblower Testimony

Hopefully you saw my recent post “Data is the hot potato!” and data minimization lessons from the FTC’s Drizly case and it reinforced in your mind just how important it is to focus on the data when we are talking about cyber and privacy risk management. If it didn’t, that’s ok, here’s another reminder. My…

Read More

“Data is the hot potato!” and data minimization lessons from the FTC’s Drizly case

Thank you, Jamie Sorley! I have a few sayings about cybersecurity and data privacy but one of my favorites is “data is the hot potato!” When doing presentations, I love to have the attendees chant over and over in unison, “Data is the hot potato! Data is the hot potato! Data is the hot potato!”…

Read More

Cyber Incident Response Preparation and Your Board Pt.2 – The Above Board Show

“Amateurs talk about strategy and tactics. Professionals study logistics.” – General Omar Bradley It was great to be a guest on The Above Board Show hosted by my friends Raf Los and Grant Sewell where we discussed what “The Board” needs to know about security incidents and getting prepared for the worst day ever for…

Read More

Not all HIPAA privacy “breaches” are caused by “hackers” — dentist gets $50k penalty for responding to patient’s Google review

When thinking of HIPAA data breaches, most of us tend to think of situations where the hackers engage in malicious activities against hospitals and steal troves of patients’ protected health information (PHI). There are, however, other much simpler kinds of HIPAA privacy breaches that are easily avoidable and can be quite costly to the healthcare…

Read More

Shawn Tuma Provided Texas Bar Journal 2021 Cybersecurity & Data Privacy Year in Review Update

Shawn Tuma provided the Texas Bar Journal’s 2021: The Year In Review – Cybersecurity & Data Privacy Update which addressed the following issues: updated Texas data breach notification requirements federal and state hacking laws whistleblower claims for reporting cybersecurity deficiencies within an organization authority of consent for search warrants and password protected devices Read more…

Read More

Cyber Insurance Fact vs Fiction (i.e., dispelling the myths!): #DtSR Podcast Episode 454 with Sean Scranton & Raf Los

My friend and cyber insurance underwriter guru Sean Scranton and I were guests on the Down the Security Rabbithole Podcast with Raf Los for episode 454, Cyber Insurance Fact vs Fiction.  It is always fun to join the #DtSR Podcast and this time was no disappointment! In Episode 454 we discuss all things cyber insurance from…

Read More
%d bloggers like this: