Cybersecurity Is a Human Nature Problem

When we think of cybercrime, cybersecurity, cyber[fill-in-the-blank], we need to remember there are two components: (1) the cyber, and (2) the other. The cyber part simply refers to the tool that is used or the target that is attacked. And, for Heaven's sake, please quit getting freaked out by the word "hack" -- hacking means unauthorized access …

Third-Party Risk in Cybersecurity Exemplified by North Korea’s Stealing of US War Plans

Third-party risk (or nth-party risk) is a hot topic in cybersecurity. While it can mean many things, at its core third-party risk describes a situation in which an organization that does a good job of protecting its own network and data, within its environment, works with other organizations that do not do such a good …

NIST Cybersecurity Guidance for Small Business Likely Forthcoming

The US House of Representatives has passed legislation similar to that recently passed by the Senate that would require the National Institute of Standards and Technology (NIST) to produce cybersecurity guidance that will be aimed at helping small businesses. The NIST Small Business Cybersecurity Act of 2017 would include NIST’s creating guidelines, tools, and best …

Hacking Into A Company You Sold Can Get You Jail Time

A federal judge sentenced David Kent to a year and a day in prison and ordered him to pay $3.3 million in restitution and pay a $20,000 fine for accessing the computer network of Rigzone.com, an industry-specific networking website. Kent founded Rigzone.com, sold it for $51 million, and after the sale accessed the company's network to obtain …

Checklist: Managing Third-Party Risk in #Cybersecurity

If I timed this right, when this post publishes, I will be about to present at the ISACA CSX 2017 North America Cybersecurity Nexus Conference in Washington, DC. My talk is titled Legal Issues Associated with Third-Party Risk. I am publishing this post with the #CSXNA and #CyberAware hashtags in the title so that conference attendees can …

How Cybersecurity is Impacting People’s Rights (Regent University Symposium)

On September 30, 2017, I am speaking at the Regent University School of Law's Law Review Symposium on The Expansion of Technology in the 21st Century: How the Changes in Technology are Shaping the Law and the Legal Profession in America. At the end of this post, I have provided links to additional publications I …

Why do data breach disclosures often take too long? Let’s ask the SEC Chairman.

In the wake of the Equifax and Securities and Exchange Commission's data breach disclosures, there has been a lot of public outcry over the assertion that it took too long to disclose these data breaches to the public. "Too long" is a relative term, to start with, as I have little doubt that some people will …

Does blasting the SEC for failing to act on warnings help cybersecurity?

On the heels of the Equifax breach, the United States Securities and Exchange Commission (SEC) disclosed on September 20, 2017, that it had been hacked way back in 2016. It further disclosed that about a month ago it learned the hackers may have used their access for illegal online trading. With the SEC's regulatory enforcement …

#CyberAvengers: Tips for responding to #cyberattacks and lessons on #cybersecurity survival

Read the #CyberAvengers’ recent article, Ransomware Spreading Like Crazy Worms, on NextGov.com, Levick.com, or The #CyberAvengers website. The #CyberAvengers (Paul Ferrillo, Chuck Brooks, Kenneth Holley, George Platsis, George Thomas, Shawn Tuma, Christophe Veltsos) are a group of salty and experienced professionals who have decided to work together to help our country by defeating cybercrime and slowing down nefarious actors operating in cyberspace seeking […]

Musings about the Equifax Data Breach

This is intended to be an old-fashioned "blog" about thoughts on the Equifax data breach. It will be ongoing so please check back regularly. Topics: Media interviews and commentary; We are seeing shame hacking taken to a new level; Will I lead a consumer class action lawsuit against Equifax?; Lawsuits and investigations against Equifax; What …