Tag Archives: Data breach

Dear Santa: Shawn Tuma’s Cybersecurity Christmas Wish

Shawn Tuma asks Santa for one cybersecurity Christmas wish — what is yours?

Why Lawyers Need to Understand Cyber Insurance for Their Clients

Cybersecurity, data breach, cyber attacks, and cyber insurance. Unless you live under a rock, you have heard of it. You better hope your lawyer has too! Shawn Tuma argues that the minimum standard of care for lawyers practicing in 2015-16 requires a basic understanding of cyber insurance. He recently explained that argument, along with his co-author …

Continue reading “Why Lawyers Need to Understand Cyber Insurance for Their Clients”

Wyndham and FTC settle data breach dispute — Wyndham got 20 years

On December 9, 2015, the FTC announced that it and Wyndham Hotels had settled their long-running dispute that led to an opinion from the Third Circuit Court of Appeals confirming the FTC’s authority to regulate cybersecurity. The gist of the settlement is that, for the next 20 years, Wyndham must do the following: obtain annual …

Continue reading “Wyndham and FTC settle data breach dispute — Wyndham got 20 years”

SecureWorld Webinar: Data Protection Pitfalls to Avoid

You are welcome to attend a complimentary SecureWorld webinar with these featured presenters: Aliki Liadis-Hall, Director of Compliance, North American Bancard Jason Hart, CTO of Data Protection, Gemalto Shawn Tuma, Cybersecurity & Data Protection Partner, Scheef & Stone, LLP Kim L. Jones (moderator), Sr. Vice President & CISO, Vantiv The webinar is sponsored by Gemalto, qualifies for CPE …

Continue reading “SecureWorld Webinar: Data Protection Pitfalls to Avoid”

Cover the Basics for Securing Your Network — Shawn Tuma’s Book Contribution

Shawn Tuma authored a section for an eBook published by Fortinet Security. You can read Tuma’s section, Cover the Basics, as well as download the complete eBook at this link: Cover the Basics- by Shawn E. Tuma | MightyGuides.com

Is your business prepared to respond this quickly to a data breach?

Customers and the public expect a very quick response to a data breach — within a matter of a few days. That is the new standard. If your business is not prepared ahead of time for such a response, it will be impossible. Your business needs a response plan in place with all of the key …

Continue reading “Is your business prepared to respond this quickly to a data breach?”

Excellus Blue Cross Blue Shield’s big data breach and the security lessons we all need to learn

Guest Post by Debbie Fletcher There are two possible conversations that could be kicked off by the news of the major data breach at Excellus Blue Cross Blue Shield in which more than 10 million customer accounts were exposed. The first possible conversation is about internet security and what businesses and organizations of all sizes …

Continue reading “Excellus Blue Cross Blue Shield’s big data breach and the security lessons we all need to learn”

Employee Retaining Stored Patient List on Personal Laptop Triggers Data Breach Obligation

An employee of East Bay Perinatal Medical Associates in Oakland, CA, retained on his personal laptop, a patient list that he had prepared as part of his job. The list did not contain PHI information but it did contain PII information. The Berkley Police discovered the list during an unrelated investigation and notified EBPMA that it …

Continue reading “Employee Retaining Stored Patient List on Personal Laptop Triggers Data Breach Obligation”

Employee Viewing Information Without Authorization Triggers Data Breach Notification Obligation for Credit Union

An employee of Golden State Credit Union viewed member account information, containing Personally Identifiable Information (PII), without having the requisite authority to view such accounts. This action — alone — was sufficient to trigger the notification requirement of the California data breach notification law, at great expense and frustration for the Credit Union, which offered …

Continue reading “Employee Viewing Information Without Authorization Triggers Data Breach Notification Obligation for Credit Union”

Why every CIO needs a cybersecurity attorney (my comments on why this is my favorite article ever)

Wow, this article seriously just made my day. I will apologize in advance to my friend and CSO writer and Michael Santarcangelo (@catalyst), but this may very well be my favorite article — anywhere — of all time! And, thank you, Tom Hulsey (@TomHulsey), for sharing it with me! As for you, Ms. Kacy Zurkus (@KSZ714), all I can …

Continue reading “Why every CIO needs a cybersecurity attorney (my comments on why this is my favorite article ever)”