Category Archives: Digital Information Law

After this judge’s ruling, do you finally see value in passwords? | CSO Online

Thank you Michael Santarcangelo for quoting me in your excellent article: After this judge’s ruling, do you finally see value in passwords? | CSO Online.

Fifth Amendment Permits Police To Force Users to Unlock iPhones With Fingerprints, But Not Passcodes

The Fifth Amendment does not prohibit the police from forcing users to provide a fingerprint to unlock a mobile device but it does prohibit them from forcing users to provide a passcode. This was the ruling of a District Court in Virginia. The court’s rationale is that the Fifth Amendment does not protect against providing physical or …

Continue reading “Fifth Amendment Permits Police To Force Users to Unlock iPhones With Fingerprints, But Not Passcodes”

Excellent info from Travelers: Company Data Security Policy & Standards

Travelers just published a list of 9 things companies should consider for data security policies and standards. It is excellent. You can see it by following the link below. But first, check out my CyberGard–Cyber Risk Protection Program that can help with implementing these 9 steps! via Company Data Security Policy & Standards | Travelers Insurance.

Podcast: #DtR Episode on Lines in the Sand on “Security Research”

You really need to hear this podcast where we draw lines in the sand staking out what is — and what is not — security research.  The #DtR Gang [Rafal Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and Michael Santarcangelo (@Catalyst)] invited me to tag along for another episode of the Down the Security Rabbit Hole podcast. Also joining us for this episode were …

Continue reading “Podcast: #DtR Episode on Lines in the Sand on “Security Research””

Yes, I will mention this post in tomorrow’s seminar on data breach! “Who’s Gonna Get It?”

This is one of my favorite and my most popular posts ever — and you better believe I will find a way to mention it to this group of CEOs to help them understand why it is important to take seriously the data security threat! Data Breach – Who’s Gonna Get It? | business cyber …

Continue reading “Yes, I will mention this post in tomorrow’s seminar on data breach! “Who’s Gonna Get It?””

“Defense wins championships” when preparing for the inevitable data breach

“The best strategy to manage the inevitable data breach of your enterprise is to be prepared.” -Adam Greenberg, SC Magazine Exactly–you must prepare on 2 fronts: Defense & Response In a recent article in SC Magazine, Adam Greenberg marches along faithfully with many of us in trying to get you, the business leader, to appreciate the …

Continue reading ““Defense wins championships” when preparing for the inevitable data breach”

Podcast: DtR NewsCast of Hot Cyber Security Topics

I had the pleasure of joining the DtR Gang for another podcast on Down the Security Rabbit Hole and, as usual with this bunch, it was more fun than anything — but I learned a lot as well. Let me just tell you, these guys are the best around at what they do and they’re really …

Continue reading “Podcast: DtR NewsCast of Hot Cyber Security Topics”

FBI Director Talks Cyber Espionage: Chinese Like “Drunk Burglar”

“[T]here are two kinds of big companies in the United States. There are those who’ve been hacked by the Chinese and those who don’t know they’ve been hacked by the Chinese” -FBI Director The pervasive threat that cyber espionage poses to American business is not a new topic on this blog — we have been talking about it …

Continue reading “FBI Director Talks Cyber Espionage: Chinese Like “Drunk Burglar””

Podcast: CFAA, Shellshock and Cyber Security Research — What the Heck Do We Want?

Today I had a blast doing a podcast on the CFAA, Shellshock, and cyber security research with Rafal Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and Michael Santarcangelo (@Catalyst) — in fact, we had so much fun that I suspect Raf had quite a time trying to edit it! The starting point for our discussion was a recent article …

Continue reading “Podcast: CFAA, Shellshock and Cyber Security Research — What the Heck Do We Want?”

Uncle Sam doesn’t have a clue on data privacy, cyber crime laws, and neither do we!

The point of the article that is the source of the quote below is exactly right: there is no consistency, cohesiveness, or harmony with the cyber crime and data privacy laws. I believe there are several reasons but these are the two that are most prominent: The cyber crime and data privacy laws are a patchwork collection …

Continue reading “Uncle Sam doesn’t have a clue on data privacy, cyber crime laws, and neither do we!”