Examining the Global Impact of AI + Cyber + Data + Privacy + Law = Business Risk
On September 30, 2017, I am speaking at the Regent University School of Law’s Law Review Symposium on The Expansion of Technology in the 21st Century: How the Changes in Technology are Shaping the Law and the Legal Profession in America. At the end of this post, I have provided links to additional publications I …
Continue reading “How Cybersecurity is Impacting People’s Rights (Regent University Symposium)”
In the wake of the Equifax and Securities and Exchange Commission’s data breach disclosures, there has been a lot of public outcry over the assertion that it took too long to disclose these data breaches to the public. “Too long” is a relative term, to start with, as I have little doubt that some people will …
Continue reading “Why do data breach disclosures often take too long? Let’s ask the SEC Chairman.”
This is intended to be an old-fashioned “blog” about thoughts on the Equifax data breach. It will be ongoing so please check back regularly. Topics Media interviews and commentary We are seeing shame hacking taken to a new level Will I lead a consumer class action lawsuit against Equifax? Lawsuits and investigations against Equifax What …
Continue reading “Musings about the Equifax Data Breach”
The SecureWorld News Team talked with Shawn Tuma about many of the lessons that can be learned from the Equifax data breach and winnowed it down to the following 3 takeaways that are discussed more thoroughly in the article: We need a uniform national breach notification law in the United States. When it comes to …
Continue reading “Incident Response – 3 Takeaways from the Equifax Breach”
Delaware recently amended its data breach notification law to include the following requirements:Expanded definition of “personal information” to include biometric data, medical information, passport numbers, routing numbers for accounts, individual taxpayer identification numbers and usernames in addition to the traditional forms of PII such as birth date and social security numbers.Notice to affected individuals within …
Continue reading “Key Points of Delaware’s New Data Breach Notification Law”
The FTC and Uber have settled the enforcement action the FTC brought against the company. This action stems from Uber’s data breach of more than 100,000 individuals’ PII despite its promises that their data was “securely stored within our databases.” The FTC found this promise was misleading when compared with the actions the company was …
On August 1, 2017, the Senate Cybersecurity Caucus introduced the “Internet of Things (IoT) Cybersecurity Improvement Act of 2017,” bi-partisan legislation focused on establishing minimum security requirements for the federal procurement of Internet connected devices (#IoT). The legislation is directed at vendors who supply IoT devices to the federal government. It requires that such products are …
Continue reading “IoT Cybersecurity Improvement Act of 2017 proposed by Senate Cybersecurity Caucus”
I thought you may like an invitation to attend two complimentary webinars that I will be doing this coming week: YOURS, MINE, OURS: Protecting the Data Gathered and Exchanged in Litigation, Association of Certified E-Discovery Specialists (ACEDS) Monday, August 7, 2017 @ 12:00 CDT LINK for more information FULL VIDEO (see below) Securing IoT Data: Compliance, …
Cybersecurity is not an IT issue, it is a business risk issue. It must be managed as such.
While at the 2017 State Bar of Texas Annual Meeting, I had the pleasure of visiting with Kevin OKeefe of LexBlog in a Facebook Live conversation where we talked about lawyers, blogging, and the evolution of my cybersecurity and data privacy practice. Check out the video and let us know what you think: https://www.facebook.com/kokeefe/videos/10154705674546696/ Here’s …
Continue reading “Kevin OKeefe and Shawn Tuma’s Conversation About Lawyers and Blogging at #SBOT17”
You must be logged in to post a comment.