Business leaders, when people like me tell you that having a cybersecurity incident in your company is like being in a building on fire, we are not exaggerating. Take a look at the following checklist (note, this is not an incident response plan!) while keeping in mind that over half of the items on that checklist…
Tag: breach notification
Cybersecurity: How Long Should An Incident Response Plan Be?
Last evening I had the pleasure of talking cybersecurity law with a group of CIOs from some pretty sophisticated companies. It was a great discussion and I learned as much as I shared — just the way I like it. During our discussion, the subject of Incident Response Plans came up and I explained why…
Why Cybersecurity Incidents Are Legal Events
In this video, cybersecurity and data protection attorney Shawn Tuma explains why cybersecurity incidents are as much legal events as they are information technology and business / public relations events.
Cybersecurity Legal Year in Review – #DtSR Podcast
Do not miss this podcast discussing key cybersecurity legal events from 2015. Shawn Tuma joined the DtSR Gang [Rafal Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and Michael Santarcangelo (@Catalyst)] on the Down the Security Rabbit Hole podcast. In this episode… Most important cybersecurity-related legal developments of 2015 Tectonic Shift that occurred with “standing” in consumer data…
SecureWorld Webinar: Data Protection Pitfalls to Avoid
You are welcome to attend a complimentary SecureWorld webinar with these featured presenters: Aliki Liadis-Hall, Director of Compliance, North American Bancard Jason Hart, CTO of Data Protection, Gemalto Shawn Tuma, Cybersecurity & Data Protection Partner, Scheef & Stone, LLP Kim L. Jones (moderator), Sr. Vice President & CISO, Vantiv The webinar is sponsored by Gemalto, qualifies for CPE…
Cover the Basics for Securing Your Network — Shawn Tuma’s Book Contribution
Shawn Tuma authored a section for an eBook published by Fortinet Security. You can read Tuma’s section, Cover the Basics, as well as download the complete eBook at this link: Cover the Basics- by Shawn E. Tuma | MightyGuides.com
Is your business prepared to respond this quickly to a data breach?
Customers and the public expect a very quick response to a data breach — within a matter of a few days. That is the new standard. If your business is not prepared ahead of time for such a response, it will be impossible. Your business needs a response plan in place with all of the key…
Employee Retaining Stored Patient List on Personal Laptop Triggers Data Breach Obligation
An employee of East Bay Perinatal Medical Associates in Oakland, CA, retained on his personal laptop, a patient list that he had prepared as part of his job. The list did not contain PHI information but it did contain PII information. The Berkley Police discovered the list during an unrelated investigation and notified EBPMA that it…
Employee Viewing Information Without Authorization Triggers Data Breach Notification Obligation for Credit Union
An employee of Golden State Credit Union viewed member account information, containing Personally Identifiable Information (PII), without having the requisite authority to view such accounts. This action — alone — was sufficient to trigger the notification requirement of the California data breach notification law, at great expense and frustration for the Credit Union, which offered…
Why every CIO needs a cybersecurity attorney (my comments on why this is my favorite article ever)
Wow, this article seriously just made my day. I will apologize in advance to my friend and CSO writer and Michael Santarcangelo (@catalyst), but this may very well be my favorite article — anywhere — of all time! And, thank you, Tom Hulsey (@TomHulsey), for sharing it with me! As for you, Ms. Kacy Zurkus (@KSZ714), all I can…
You must be logged in to post a comment.