Tag: Digital Information Law

Cybersecurity Keynote Address at International Association of Insurance Professionals Event

I am really looking forward to delivering the Keynote Address at the International Association of Insurance Professionals IAIP DFW NAIW Week event on May 12, 2015. My address, which will follow 2 hours of CE/CLE education on Cyber Liability, is titled Cyber Risk Reality Check but, the more I think about it, perhaps it should be…

Read More

Will Officers & Directors Be Held Legally Responsible for Companies’ Data Breaches and Cybersecurity Incidents?

Will Officers and Directors be held legally responsible for their companies’ data breaches and cybersecurity incidents? That is the question I addressed in Cybersecurity Risk: Law and Trends – A Director’s Duties Must Evolve With The Company’s, which was recently published in the Spring 2015 issue of Ethical Boardroom (see article below). The article is short…

Read More

A Few Thoughts on the Consumer Litigation Settlement in the Target Data Breach Case

Many thanks to CSO Online and Michael Santarcangelo (@catalyst) for his excellent synopsis of our conversation regarding the recent settlement of the Consumer Litigation in the Target data breach lawsuit (note, the more substantive Financial Institutions Litigation has not settled). Please give the full article a read and also give a shout-out to Michael on his Twitter…

Read More

New Podcast: #DtSR Episode 130 – Where Law and Cyber Collide

I really appreciate the #DtSR Gang [Rafal Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and Michael Santarcangelo (@Catalyst)] inviting me to tag along for another episode of the Down the Security Rabbit Hole podcast. In this episode we discuss the following: Traveler’s Insurance files suit against a web development company for failing to provide adequate security, resulting…

Read More

#SonyHack: Will Executives’ Embarrassing Emails Better Motivate Cybersecurity Change?

Sitting in the Miami airport at 5:00 am I am reading news updates on the #SonyHack and a thought just occurred to me: Previously, many of us preaching the “you better take your company’s security seriously” message to the C-Suites have been wondering if it would take a court decision finding C-Levels or Board members…

Read More

The Best Evidence Why Your Company Needs a CISO Before a Data Breach

“The proof is in the pudding,” goes the old saying. When it comes to organizational changes companies make following a data breach, If the proof is in the pudding, then the verdict is clear: companies should hire a Chief Information Security Officer (CISO) before they have a data breach. Why? According to this article in…

Read More

The Art of Cybersecurity: How Sun Tzu Masterminded the Home Depot Data Breach

Sun Tzu taught that, when it comes to the art of cybersecurity, you must be wary of your business associates and other third parties. Why? Have you heard that Home Depot had a data breach? That hackers were able to exfiltrate 56 million payment cards and 53 million customer email addresses from its systems? Did…

Read More

Yes, I will mention this post in tomorrow’s seminar on data breach! “Who’s Gonna Get It?”

This is one of my favorite and my most popular posts ever — and you better believe I will find a way to mention it to this group of CEOs to help them understand why it is important to take seriously the data security threat! Data Breach – Who’s Gonna Get It? | business cyber…

Read More

“Defense wins championships” when preparing for the inevitable data breach

“The best strategy to manage the inevitable data breach of your enterprise is to be prepared.” -Adam Greenberg, SC Magazine Exactly–you must prepare on 2 fronts: Defense & Response In a recent article in SC Magazine, Adam Greenberg marches along faithfully with many of us in trying to get you, the business leader, to appreciate the…

Read More
%d bloggers like this: