I was a guest recently on the Down the Security Rabbithole Podcast with Raf Los, James Jardine, and Brandon Dunlap for episode 410 titled TPA CISO Accountability Problems. As they described it: Because we can’t get enough of Brandon Dunlap and Shawn Tuma over here on the podcast, here we go again. Last episode Brandon…
Tag: Cybersecurity
Podcast: #DtSR Episode 408 – Shawn Tuma Cyber Superhero :)
I was a guest recently on the Down the Security Rabbithole Podcast with my good friends Raf Los and James Jardine who cleverly (and, kindly) titled this episode “Shawn Tuma Cyber Superhero” — thanks, guys! Anyway … as they described it: This week, on episode 408 Shawn Tuma joins us again to talk about the…
Podcast: Unboxing a phishing email from the World Health Organization with Shawn Tuma
I was a guest recently on the “Can I Be Phished? Podcast” where we walked through analyzing an example phishing email to look for tell-tale signs of a a classic “Nigerian Prince” type of a phishing attempt. We also discussed current attack trends that we are seeing in our work as cyber incident response first…
Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)
Many thanks to HealthcareITNews for publishing my recent article Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? HHS is trying to get companies to comply with the law and, more broadly, their obligation to protect the sensitive information that people have entrusted to them. We have handled numerous cases…
What Can Happen if You Do Not Notify Following a Data Breach?
Here is one of the questions we get asked most often: “Ok, so we’ve had a real data breach and you say we have clear notification obligations, what can happen if we just ignore it and pretend it never happened — that is, we just don’t notify?” Unfortunately, this question is oftentimes coupled with this…
With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury (publication)
Many thanks to Security Magazine for publishing my recent article With ransomware attacks increasing, cyber insurance now seen as a necessity, not a luxury In reality, there is no “secure” — even when the best security measures are taken. When hackers want to get in and disrupt a business, they will. Companies must be resilient,…
Think Your Company is Too Pretty To Be Hit With A Ransomware Attack? Think Again.
Ask beauty-brand Avon, which was hit with a ransomware attack on June 8 that shut down some of its operations for over a week: A source tracking the incident has told ZDNet today that the Avon incident is a ransomware attack carried out by the DopplePaymer gang. Avon recovering after mysterious cyber-security incident
Think your company’s IT is too sophisticated to be hit with a ransomware attack? Think again.
A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful ransomware attack against it. They think their company is doing it all right and this is only the kind of stuff that happens to…
Ransomware is the single greatest risk your company faces – here’s why
You read that correctly: ransomware is the single greatest risk to your company. Even in times of the COVID-19 global pandemic, ransomware is still the one risk where, tonight, the company CEO can lay her head down on her pillow with the company doing fine, profits up and operations running smoothly, and then wake up…
Two Cyber Insurance Issues Service Providers Should Discuss with Their Clients
If you are a service provider, there are two things about cyber insurance that you should discuss with your clients and make sure they understand. Watch this 2 minute video to better understand why: So, what are those two things? In today’s environment, every company has substantial cyber risk and every company needs cyber insurance….
You must be logged in to post a comment.