Complimentary SecureWorld Webinar – 2016 Breaches: Lessons Learned

You are welcome to attend a complimentary SecureWorld webinar with these featured presenters:

  • Erich Kron, Security Awareness Advocate, KnowBe4
  • Aliki Liadis-Hall, Director of Compliance, North American Bancard
  • Craig Spiezle, Executive Director & President, Online Trust Alliance
  • Shawn Tuma, Cybersecurity & Data Privacy Partner, Scheef & Stone, LLP

The webinar qualifies for CPE Credits, and will take place on Wednesday, November 30 at 12 pm CST but if you are unable to attend, you can access the recording as well.

You can learn more about, and register for, the webinar at this LINK.

Cybersecurity Lessons Learned from SecureWorld #SWDAL16 Conference

secureworldFollowing an outstanding SecureWorld Expo – Dallas Conference, Courtney Theim posted a nice wrap up of the lessons learned as of the time of her post: #SWDAL16: What We’ve Learned So Far

I am going to give you the gist of it and encourage you to go check out the full post: Continue reading “Cybersecurity Lessons Learned from SecureWorld #SWDAL16 Conference”

Cybersecurity Legal Issues: What you really need to know (slides)

Shawn Tuma delivered the presentation Cybersecurity Legal Issues: What you really need to know at a Cybersecurity Summit sponsored by the Tarleton State University School of Criminology, Criminal Justice, and Strategic Studies’ Institute for Homeland Security, Cybercrime and International Criminal Justice. The presentation was on September 13, 2016 at the George Bush Institue. The following are the slides from Tuma’s presentation — a video of the presentation will be posted soon!

Continue reading “Cybersecurity Legal Issues: What you really need to know (slides)”

Cybersecurity Incident Response Checklist

Business leaders, when people like me tell you that having a cybersecurity incident in your company is like being in a building on fire, we are not exaggerating. Take a look at the following checklist (note, this is not an incident response plan!) while keeping in mind that over half of the items on that checklist should be performed almost simultaneously within hours of learning that your company has had a data breach.

While this is not an exhaustive list, these are the items that most often need to be performed in the cases in which I guide clients through the incident response and remediation process. Of course there will be exceptions, additions, and omissions — take this for what it is, a starting point. Finally, note that the picture below is an image of the checklist and is blurry — you can download the original here.

checklist-image

______________________

Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud, and data privacy law. He is a Cybersecurity & Data Privacy Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.

 

 

Cybersecurity: How Long Should An Incident Response Plan Be?

Last evening I had the pleasure of talking cybersecurity law with a group of CIOs from some pretty sophisticated companies. It was a great discussion and I learned as much as I shared — just the way I like it. During our discussion, the subject of Incident Response Plans came up and I explained why these are now a must-have.  Continue reading “Cybersecurity: How Long Should An Incident Response Plan Be?”