Free Virtual Event: Reimagine Your Company Operating Again After a Ransomware Attack (DBU Tech Symposium)

You are invited to attend a free virtual DBU Tech Symposium on November 18 - 19, 2020. Did I mention this is both free and virtual? You have no excuse for not attending! RSVP here: https://www.dbu.edu/pages/tech-symposium/  I will be presenting on Wednesday, November 18, from 2:30 - 3:00 pm CT and the title of my …

Continue reading "Free Virtual Event: Reimagine Your Company Operating Again After a Ransomware Attack (DBU Tech Symposium)"

Podcast: #DtSR Episode 410 – TPA CISO Accountability Problems

I was a guest recently on the Down the Security Rabbithole Podcast with Raf Los, James Jardine, and Brandon Dunlap for episode 410 titled TPA CISO Accountability Problems. As they described it: Because we can't get enough of Brandon Dunlap and Shawn Tuma over here on the podcast, here we go again. Last episode Brandon …

Continue reading "Podcast: #DtSR Episode 410 – TPA CISO Accountability Problems"

Podcast: #DtSR Episode 408 – Shawn Tuma Cyber Superhero :)

I was a guest recently on the Down the Security Rabbithole Podcast with my good friends Raf Los and James Jardine who cleverly (and, kindly) titled this episode "Shawn Tuma Cyber Superhero" -- thanks, guys! Anyway ... as they described it: This week, on episode 408 Shawn Tuma joins us again to talk about the …

Continue reading "Podcast: #DtSR Episode 408 – Shawn Tuma Cyber Superhero :)"

Podcast: Unboxing a phishing email from the World Health Organization with Shawn Tuma

I was a guest recently on the "Can I Be Phished? Podcast" where we walked through analyzing an example phishing email to look for tell-tale signs of a a classic "Nigerian Prince" type of a phishing attempt. We also discussed current attack trends that we are seeing in our work as cyber incident response first …

Continue reading "Podcast: Unboxing a phishing email from the World Health Organization with Shawn Tuma"

Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)

Many thanks to HealthcareITNews for publishing my recent article Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? HHS is trying to get companies to comply with the law and, more broadly, their obligation to protect the sensitive information that people have entrusted to them. We have handled numerous cases …

Continue reading "Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)"

Shawn Tuma Elected as Chair of TX State Bar Computer & Technology Section

Spencer Fane attorney Shawn Tuma was recently named as Chair of the Texas Bar Association Computer and Technology Section. As Chair, Shawn will help — Read on http://www.spencerfane.com/shawn-tuma-elected-as-chair-of-tx-state-bar-computer-technology-section/

What Can Happen if You Do Not Notify Following a Data Breach?

Here is one of the questions we get asked most often: “Ok, so we’ve had a real data breach and you say we have clear notification obligations, what can happen if we just ignore it and pretend it never happened — that is, we just don’t notify?” Unfortunately, this question is oftentimes coupled with this …

Continue reading "What Can Happen if You Do Not Notify Following a Data Breach?"

With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury (publication)

Many thanks to Security Magazine for publishing my recent article With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury In reality, there is no “secure” — even when the best security measures are taken. When hackers want to get in and disrupt a business, they will. Companies must be resilient, …

Continue reading "With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury (publication)"

***URGENT*** MEMO TO: “The IT Guy” / MSP After Ransomware Attack

Here’s a pro tip for "The IT Guy” or MSP whose customer has just been hit with ransomware, when it was their responsibility to protect against it: No matter how strongly you may feel about this issue, when your client is contemplating possibly paying the ransom to get their network recovered (and, save themselves from …

Continue reading "***URGENT*** MEMO TO: “The IT Guy” / MSP After Ransomware Attack"

Texas Bar Journal 2019 Cybersecurity & Data Privacy Update

The Texas Bar Journal’s 2019 year-end Cybersecurity & Data Privacy Update was once again provided by Shawn Tuma and addressed the following issues: Texas' New Data Breach Notification Requirements effective January 1, 2020 Whether website scraping allegations are sufficient to invoke Texas and federal "hacking" laws Whether viewing pictures on another's cellphone violates Texas "hacking" law Cyber …

Continue reading "Texas Bar Journal 2019 Cybersecurity & Data Privacy Update"