Tag Archives: Information security

Texas Developer Sentenced to 4 Years for “Kill Switch” Cyberattack on Former Employer

A former Eaton Corp. software developer received a 4-year federal prison sentence for deploying a “kill switch” that locked out thousands of users and caused over $360,000 in damages. Learn what happened and key lessons for businesses to prevent insider threats.

The Importance of GC+CISO Relationships in Cybersecurity (a New Project)

In early June 2024, my friend David Malicoat graciously invited me to be a guest on The Professional CISO Show and, while I was incredibly honored, I was a bit hesitant as well. I had just begun working on a concept (partially inspired by my friend Dena DeNooyer Stroh, most immediately, but also by my …

Continue reading “The Importance of GC+CISO Relationships in Cybersecurity (a New Project)”

Texas Attorney General Issues Consumer Alert Warning Texans of Potential Scams Following Nationwide CrowdStrike Outage

FOR IMMEDIATE RELEASEJuly 19, 2024www.texasattorneygeneral.govPRESS OFFICE: (512) 463-2050Communications@oag.texas.govAttorney General Ken Paxton Issues Consumer Alert Warning Texans of Potential Scams Following Nationwide CrowdStrike Outage   AUSTIN – Texas Attorney General Ken Paxton warned Texans of potential scams following the widespread CrowdStrike service outage.  Texans should be aware that bad actors can use cybersecurity incidents to take advantage …

Continue reading “Texas Attorney General Issues Consumer Alert Warning Texans of Potential Scams Following Nationwide CrowdStrike Outage”

Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative

FOR IMMEDIATE RELEASEJune 4, 2024www.texasattorneygeneral.govPRESS OFFICE: (512) 463-2050Communications@oag.texas.gov Attorney General Ken Paxton Launches Data Privacy and Security Initiative to Protect Texans’ Sensitive Data from Illegal Exploitation by Tech, AI, and Other Companies  AUSTIN – Texas Attorney General Ken Paxton has launched a major data privacy and security initiative, establishing a team that is focused on aggressive …

Continue reading “Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative”

Discussion on Cyber Security and Cyber Law Identity Governance Matters for #AuditTuesday Show

It was great to be a guest on the YouAttest #AuditTuesday show to talk about Cybersecurity and Cyber Law Identity Governance Matters. If you enjoyed this video, please join the discussion here on LinkedIn! https://youtu.be/wwEphvc7mN4?si=fa5yRK1dKUQAqIpO

DFW Area Security Peeps – Join me at SecureWorld Dallas on October 25th & 26th!

I am super excited to share that I will speaking at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld – Dallas! On Wednesday, October 25, 2023, I will be leading a full day workshop for SecureWorld Plus registrants on Real-World Cyber Risk Management and Resilience Planning …

Continue reading “DFW Area Security Peeps – Join me at SecureWorld Dallas on October 25th & 26th!”

A few quotes from my keynote at SecureWorld Boston

Following the outstanding SecureWorld Boston event, my friends at SecureWorld shared Highlights and Insights from SecureWorld Boston 2023 and were kind enough to include a few quotes from my lunch keynote — let me know what you think and please offer your perspective on these ideas: The final keynote session was given by Shawn Tuma, Co-Chair …

Continue reading “A few quotes from my keynote at SecureWorld Boston”

Join me and #EnterpriseUniversity for Real-World Cyber Risk Management and Resilience Planning on March 28, 2023!

On Tuesday, March 28, 2023, I will be teaching a class on Real-World Cyber Risk Management and Resilience Planning as part of #EnterpriseUniversity Enterprise Bank & Trust’s education program for business leaders and professionals! Join me for this course, and take a look at all of the live, virtual courses available at no cost to …

Continue reading “Join me and #EnterpriseUniversity for Real-World Cyber Risk Management and Resilience Planning on March 28, 2023!”

HHS Releases HPH Sector Cybersecurity Framework Implementation Guide to Help Healthcare Organizations Leverage NIST Cybersecurity Framework

On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage the NIST Cybersecurity Framework. This Guide is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for …

Continue reading “HHS Releases HPH Sector Cybersecurity Framework Implementation Guide to Help Healthcare Organizations Leverage NIST Cybersecurity Framework”

FBI, CISA, MS-ISAC Joint Cybersecurity Advisory – #StopRansomware: LockBit 3.0

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) routinely release a Joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. On March 16, 2023, they …

Continue reading “FBI, CISA, MS-ISAC Joint Cybersecurity Advisory – #StopRansomware: LockBit 3.0”