Analyzing the Global Impact of Cybersecurity, Law, and Business Risk.
Now that the WannaCry ransomware has your attention and the attention of everybody else, it is time to start thinking about your company's cybersecurity legal and compliance obligations. Do you know whether your company will be impacted by New York's expansive and global reaching Cybersecurity Regulations? The new Regulations govern many companies that do business [...]
The National Labor Relations Board (NLRB) has continued its assault on businesses and their ability to legitimately protect their computer systems and information against unauthorized non-business use by employees. A few weeks ago, I wrote 3 Important Points on Computer Policies in which I stressed (1) why your company must have them but (2) that [...]
IMPORTANT POINT #1: YOUR BUSINESS MUST HAVE A COMPUTER USE POLICY IN PLACE Computer Use Policies (or Acceptable Use Policies, as they are often referred to) are must haves for today's businesses. Such policies are a foundational component in how a business creates a culture of security with its workforce by establishing expectations on what are [...]
An article in eCommerce Times offers a well-reasoned argument for why the NIST (National Institute of Standards and Technology) Cybersecurity Framework is the guiding force in shaping the United States' federal cybersecurity strategy: NIST Risk-Assessment Framework Shapes Federal Cybersecurity Strategy You should read it -- but only after you read the following explanation because it is [...]
In his latest Ethical Boardroom article, Shawn Tuma explains why it is important for board members to have an active role in their company's cybersecurity preparation and tells them several key steps they can take to do so. Tuma also explains why cybersecurity is as much a legal issue and business issue as it is [...]