Category: Cybersecurity Law

Podcast: #DtSR Episode 410 – TPA CISO Accountability Problems

I was a guest recently on the Down the Security Rabbithole Podcast with Raf Los, James Jardine, and Brandon Dunlap for episode 410 titled TPA CISO Accountability Problems. As they described it: Because we can’t get enough of Brandon Dunlap and Shawn Tuma over here on the podcast, here we go again. Last episode Brandon…

Read More

Podcast: #DtSR Episode 408 – Shawn Tuma Cyber Superhero :)

I was a guest recently on the Down the Security Rabbithole Podcast with my good friends Raf Los and James Jardine who cleverly (and, kindly) titled this episode “Shawn Tuma Cyber Superhero” — thanks, guys! Anyway … as they described it: This week, on episode 408 Shawn Tuma joins us again to talk about the…

Read More

What Can Happen if You Do Not Notify Following a Data Breach?

Here is one of the questions we get asked most often: “Ok, so we’ve had a real data breach and you say we have clear notification obligations, what can happen if we just ignore it and pretend it never happened — that is, we just don’t notify?” Unfortunately, this question is oftentimes coupled with this…

Read More

***URGENT*** MEMO TO: “The IT Guy” / MSP After Ransomware Attack

Here’s a pro tip for “The IT Guy” or MSP whose customer has just been hit with ransomware, when it was their responsibility to protect against it: No matter how strongly you may feel about this issue, when your client is contemplating possibly paying the ransom to get their network recovered (and, save themselves from…

Read More

Texas Bar Journal 2019 Cybersecurity & Data Privacy Update

The Texas Bar Journal’s 2019 year-end Cybersecurity & Data Privacy Update was once again provided by Shawn Tuma and addressed the following issues: Texas’ New Data Breach Notification Requirements effective January 1, 2020 Whether website scraping allegations are sufficient to invoke Texas and federal “hacking” laws Whether viewing pictures on another’s cellphone violates Texas “hacking” law Cyber…

Read More

Cyber Insurance Becoming a Necessity, No Longer a Luxury for Prepared Companies (publication)

Many thanks to CPO Magazine for publishing my recent article Cyber Insurance Becoming a Necessity, No Longer a Luxury for Prepared Companies. In reality, there is no “secure” — even when the best security measures are taken. When hackers want to get in and disrupt a business, they will. Companies must be resilient, and the…

Read More

Ransomware is the single greatest risk your company faces – here’s why

You read that correctly: ransomware is the single greatest risk to your company. Even in times of the COVID-19 global pandemic, ransomware is still the one risk where, tonight, the company CEO can lay her head down on her pillow with the company doing fine, profits up and operations running smoothly, and then wake up…

Read More

Explaining Third Party Cyber Risk and the Role of Contracts to Business Lawyers

This morning I am in Austin, TX about to speak to a room full of business lawyers about the importance of understanding and managing third party cyber risk and the role that contracts have in this process. I recognize that they are not aspiring to be cyber or privacy lawyers and have plenty to keep…

Read More

Healthcare Providers – Are You Prepared for Hackers to Tell Your Patients About Your Ransomware and Data Breach?

If you are a healthcare provider, you need to prepare yourself now for the new reality that, when hackers get into your network, they will contact your patients to put pressure on you to pay their ransom demands — usually after they have encrypted your network. Here is an example from a recent case that…

Read More

Is #ShameHacking Coming Next? Hackers Breach Search Engine for Japanese Sex Hotels

Shame hacking — the use, or threatened use, of purportedly hacked data for embarrassing or extorting people by threatening to expose such compromising data if they do not comply with the demands made of them — is a thing. A search engine for Japanese sex hotels just announced a breach whereby hackers may have accessed…

Read More
%d