Complimentary SecureWorld Webinar – 2016 Breaches: Lessons Learned

You are welcome to attend a complimentary SecureWorld webinar with these featured presenters:

  • Erich Kron, Security Awareness Advocate, KnowBe4
  • Aliki Liadis-Hall, Director of Compliance, North American Bancard
  • Craig Spiezle, Executive Director & President, Online Trust Alliance
  • Shawn Tuma, Cybersecurity & Data Privacy Partner, Scheef & Stone, LLP

The webinar qualifies for CPE Credits, and will take place on Wednesday, November 30 at 12 pm CST but if you are unable to attend, you can access the recording as well.

You can learn more about, and register for, the webinar at this LINK.

Cybersecurity Lessons Learned from SecureWorld #SWDAL16 Conference

secureworldFollowing an outstanding SecureWorld Expo – Dallas Conference, Courtney Theim posted a nice wrap up of the lessons learned as of the time of her post: #SWDAL16: What We’ve Learned So Far

I am going to give you the gist of it and encourage you to go check out the full post: Continue reading “Cybersecurity Lessons Learned from SecureWorld #SWDAL16 Conference”

Cybersecurity Legal Issues: What you really need to know (slides)

Shawn Tuma delivered the presentation Cybersecurity Legal Issues: What you really need to know at a Cybersecurity Summit sponsored by the Tarleton State University School of Criminology, Criminal Justice, and Strategic Studies’ Institute for Homeland Security, Cybercrime and International Criminal Justice. The presentation was on September 13, 2016 at the George Bush Institue. The following are the slides from Tuma’s presentation — a video of the presentation will be posted soon!

Continue reading “Cybersecurity Legal Issues: What you really need to know (slides)”

Cybersecurity Incident Response Checklist

Business leaders, when people like me tell you that having a cybersecurity incident in your company is like being in a building on fire, we are not exaggerating. Take a look at the following checklist (note, this is not an incident response plan!) while keeping in mind that over half of the items on that checklist should be performed almost simultaneously within hours of learning that your company has had a data breach.

While this is not an exhaustive list, these are the items that most often need to be performed in the cases in which I guide clients through the incident response and remediation process. Of course there will be exceptions, additions, and omissions — take this for what it is, a starting point. Finally, note that the picture below is an image of the checklist and is blurry — you can download the original here.

checklist-image

______________________

Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud, and data privacy law. He is a Cybersecurity & Data Privacy Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.

 

 

Cybersecurity: How Long Should An Incident Response Plan Be?

Last evening I had the pleasure of talking cybersecurity law with a group of CIOs from some pretty sophisticated companies. It was a great discussion and I learned as much as I shared — just the way I like it. During our discussion, the subject of Incident Response Plans came up and I explained why these are now a must-have.  Continue reading “Cybersecurity: How Long Should An Incident Response Plan Be?”

3 Important Points on Computer Use Policies

IMPORTANT POINT #1: YOUR BUSINESS MUST HAVE A COMPUTER USE POLICY IN PLACE

Computer Use Policies (or Acceptable Use Policies, as they are often referred to) are must haves for today’s businesses. Such policies are a foundational component in how a business creates a culture of security with its workforce by establishing expectations on what are and are not permissible ways to use and safeguard the businesses’ digital assets, as well as third parties’ information that it may be holding. Continue reading “3 Important Points on Computer Use Policies”

Why Cybersecurity Incidents Are Legal Events

In this video, cybersecurity and data protection attorney Shawn Tuma explains why cybersecurity incidents are as much legal events as they are information technology and business / public relations events.

Continue reading “Why Cybersecurity Incidents Are Legal Events”

Managing Cybersecurity Risks for Boards of Directors

Ethical Boardroom Winter 2016In his latest Ethical Boardroom article, Shawn Tuma explains why it is important for board members to have an active role in their company’s cybersecurity preparation and tells them several key steps they can take to do so. Tuma also explains why cybersecurity is as much a legal issue and business issue as it is an IT issue. Continue reading “Managing Cybersecurity Risks for Boards of Directors”

SecureWorld Webinar: Data Protection Pitfalls to Avoid

You are welcome to attend a complimentary SecureWorld webinar with these featured presenters:

  • Aliki Liadis-Hall, Director of Compliance, North American Bancard
  • Jason Hart, CTO of Data Protection, Gemalto
  • Shawn Tuma, Cybersecurity & Data Protection Partner, Scheef & Stone, LLP
  • Kim L. Jones (moderator), Sr. Vice President & CISO, Vantiv

The webinar is sponsored by Gemalto, qualifies for CPE Credits, and will take place on Thursday, December 10 at 12 pm CST but if you are unable to attend, you can access the recording as well.

You can learn more about, and register for, the webinar at this LINK.

Cover the Basics for Securing Your Network — Shawn Tuma’s Book Contribution

Securing Your NetworkShawn Tuma authored a section for an eBook published by Fortinet Security. You can read Tuma’s section, Cover the Basics, as well as download the complete eBook at this link: Cover the Basics- by Shawn E. Tuma | MightyGuides.com