Cyber Risk Management and Attorney-Client Privilege in Cybersecurity Discussed on Business Security Weekly

Business Security Weekly, Episode 81, featured Michael Santarcangelo (@catalyst) inviting Shawn Tuma to join as co-host and guest to discuss two topics that should be near and dear to everyone's hearts: the legal case for why companies need cyber risk management programs and what experienced cybersecurity attorneys' roles are in such programs; and the frequently …

Can your company do business without its computer system? Let’s ask Atlanta!

In the world of cybersecurity and data protection, we tend to think about most cyber incidents as being "data breaches" because that's the term du jour that occupies news headlines. Because of this, far too many companies think that if they do not have valuable data that hackers would want to "breach," so to speak, …

Marine Corps data breach lesson: human error is often the cause and is preventable

There has been a data breach emanating from the U.S. Marine Corps Forces Reserve that impacted 21,426 individuals. The breach exposed their sensitive personal information such as truncated social security numbers, bank electronic funds transfer and bank routing numbers, truncated credit card information, mailing address, residential address and emergency contact information. Calm down and press the …

FMCNA to Pay $3.5 Million for Non-Compliance with HIPAA’s Risk Analysis and Risk Management Rules

Fresenius Medical Care North America (FMCNA) has agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and to adopt a comprehensive corrective action plan, in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. FMCNA …

3 Legal Points for InfoSec Teams to Consider Before an Incident

As a teaser to my presentation at SecureWorld - Dallas last week, I did a brief interview with SecureWorld and talked about three of the points I would make in my lunch keynote, The Legal Case for Cybersecurity. If you're going to SecureWorld - Denver next week, join me for the lunch keynote on Thursday (11/2) …