Examining the Global Impact of AI + Cyber + Data + Privacy + Law = Business Risk
An article in eCommerce Times offers a well-reasoned argument for why the NIST (National Institute of Standards and Technology) Cybersecurity Framework is the guiding force in shaping the United States’ federal cybersecurity strategy: NIST Risk-Assessment Framework Shapes Federal Cybersecurity Strategy You should read it — but only after you read the following explanation because it is …
Continue reading “The #1 Reason NIST Cybersecurity Framework is Becoming the Standard”
In his latest Ethical Boardroom article, Shawn Tuma explains why it is important for board members to have an active role in their company’s cybersecurity preparation and tells them several key steps they can take to do so. Tuma also explains why cybersecurity is as much a legal issue and business issue as it is …
Continue reading “Managing Cybersecurity Risks for Boards of Directors”
Do not miss this podcast discussing key cybersecurity legal events from 2015. Shawn Tuma joined the DtSR Gang [Rafal Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and Michael Santarcangelo (@Catalyst)] on the Down the Security Rabbit Hole podcast. In this episode… Most important cybersecurity-related legal developments of 2015 Tectonic Shift that occurred with “standing” in consumer data …
Continue reading “Cybersecurity Legal Year in Review – #DtSR Podcast”
On December 9, 2015, the FTC announced that it and Wyndham Hotels had settled their long-running dispute that led to an opinion from the Third Circuit Court of Appeals confirming the FTC’s authority to regulate cybersecurity. The gist of the settlement is that, for the next 20 years, Wyndham must do the following: obtain annual …
Continue reading “Wyndham and FTC settle data breach dispute — Wyndham got 20 years”
The legal findings in FTC v. LabMD. LabMD was vindicated by the November 15, 2015 Initial Decision in FTC v. LabMD (the Decision). In the Decision, the Chief Administrative Law Judge (ALJ) ordered the FTC to dismiss its Complaint against LabMD based on the following findings as to LabMD’s 2008 “data breach”: There was “no evidence that …
Continue reading “FTC v. LabMD: I always give ’em a fair trial before I hang ’em.”
The federal security laws require registered investment advisers to adopt written policies and procedures reasonably designed to protect customer records and information. SEC v. R.T. Jones Capital Equities Management, Consent Order (Sept. 22, 2015). “Firms must adopt written policies to protect their clients’ private information and they need to anticipate potential cybersecurity events and have …
Continue reading “SEC v. R.T. Jones shows the SEC has a role in regulating cybersecurity”
The FTC has authority to regulate cybersecurity under the unfairness prong of § 45(a) of the Federal Trade Commission Act and companies have fair notice that their specific cybersecurity practices could fall short of that provision. F.T.C. v. Wyndham Worldwide Corp., 799 F.3d 236 (3rd Cir. Aug. 24, 2015). Here are a few key points …
Continue reading “FTC v. Wyndham Worldwide Solidifies the FTC’s Role in Regulating Cybersecurity”
I had the wonderful opportunity to visit with and get to know Rocky Dhir (@rockydhir) at the State Bar of Texas 2015 Annual Meeting in San Antonio. Rocky is the Founder and CEO of Atlas Legal Research, LP (@atlaslegal), “the world’s leading legal outsourcing company.” Rocky and I did a brief interview where we talked …
Wow, this article seriously just made my day. I will apologize in advance to my friend and CSO writer and Michael Santarcangelo (@catalyst), but this may very well be my favorite article — anywhere — of all time! And, thank you, Tom Hulsey (@TomHulsey), for sharing it with me! As for you, Ms. Kacy Zurkus (@KSZ714), all I can …
“You don’t drown from falling into the water, you drown from not getting out.” Think about that — and think about how that applies to cyber security and data breach issues facing companies in today’s cyber world. Here, in my first ever video blog post, I explain this issue with more detail.
You must be logged in to post a comment.