Complimentary Webinar: Countdown to #GDPR – Compliance for Non-EU Companies

Countdown to GDPR Compliance is a complimentary webinar that I will be moderating on Thursday, December 7, 2017, at 12:00 PM Central.  This is the second webinar in a three-part series sponsored by Mackrell International and will focus on Compliance for Non-EU Companies. You don’t want to miss it!

Moderator: Shawn Tuma
Presenter: Marta Stephanian, Ten Holter/Noordam
Presenter: Henrik Nilsson, Wesslau Söderqvist Advokatbyrå

 

COUNTDOWN TO GDPR COMPLIANCE: Compliance for Non-EU Companies
Sponsored by Mackrell International
Thursday, December 7, 2017 @ 12:00 PM CT
LINK for more information
Register via email: GDPR@hogefenton.com

GDPR Invite 2 11_21

I hope you are able to attend the webinars and find the information helpful in your business. As always, please let me know if you have any questions or if I can help you.

Shawn E. Tuma | Scheef & Stone, L.L.P.
Cybersecurity & Data Privacy Attorney
2600 Network Blvd., Suite 400, Frisco, TX 75034
214.472.2135 (direct) | 214.726.2808 (mobile)
Email: shawn.tuma@solidcounsel.com
Firm: www.solidcounsel.com
Blog: www.businesscyberrisk.com

IoT Cybersecurity Improvement Act of 2017 proposed by Senate Cybersecurity Caucus

On August 1, 2017, the Senate Cybersecurity Caucus introduced the “Internet of Things (IoT) Cybersecurity Improvement Act of 2017,” bi-partisan legislation focused on establishing minimum security requirements for the federal procurement of Internet connected devices (#IoT). Continue reading “IoT Cybersecurity Improvement Act of 2017 proposed by Senate Cybersecurity Caucus”

Invitation for 2 Webinars: Protecting Data Exchanged in Discovery and Securing IoT Data

I thought you may like an invitation to attend two complimentary webinars that I will be doing this coming week:

YOURS, MINE, OURS: Protecting the Data Gathered and Exchanged in Litigation, Association of Certified E-Discovery Specialists (ACEDS)
Monday, August 7, 2017 @ 12:00 CDT
LINK for more information FULL VIDEO (see below)

Securing IoT Data: Compliance, Privacy, and New Regulations, SecureWorld (webinar panel with Andrew Lance of Thales e-Security, Jay Irwin of Teradata, and Craig Spiezle of the Online Trust Alliance)
Wednesday, August 9, 2017 @ 12:00 CDT
LINK for more information

I hope you are able to attend the webinars and find the information helpful in your business. As always, please let me know if you have any questions or if I can help you.

Shawn E. Tuma | Scheef & Stone, L.L.P.
Cybersecurity & Data Privacy Attorney
2600 Network Blvd., Suite 400, Frisco, TX 75034
214.472.2135 (direct) | 214.726.2808 (mobile)
Email: shawn.tuma@solidcounsel.com
Firm: www.solidcounsel.com
Blog: www.businesscyberrisk.com

Dyn, Krebs, and Mirai Botnet – the IoT Pandora’s Box is Open, Now What?

Businesses now risk disruption from attacks by a minion army of “smart” IoT devices through DDoS attacks like those experienced by Dyn last Friday, and Brian Krebs in late September. The Mirai IoT botnet made these attacks possible and, because its source code was recently released into the wild, it will likely be used against other companies. Continue reading “Dyn, Krebs, and Mirai Botnet – the IoT Pandora’s Box is Open, Now What?”

You Could See This One Coming: Vibrator Company Sued for Tracking Usage

flingSETTLEMENT UPDATE: A Canadian sex-toy manufacturer, We-Vibe, has been ordered to pay out almost $3 million to customers who bought a “smart vibrator” that tracked owners’ usage without their knowledge. Each customer who used the associated app will be paid $7,433, and customers who bought the vibrator but never used the app can claim up to $147. READ MORE

___________________

For many years this blog has been raising awareness of the intimate nature of vulnerabilities that are created by connected devices on the Internet of Things (IoT) (hacking a toilet, hacking other devices). This latest about the We-Vibe sex toy is no surprise but, as explained below, the concern over shame hacking is no laughing matter.

Today’s Law 360 leads with an article about a recently filed privacy lawsuit: Vibrator Gets Too Intimate By Tracking Usage Info, Suit Says (paywall). According to the article, Continue reading “You Could See This One Coming: Vibrator Company Sued for Tracking Usage”

You should know this > “What do connected cars and toilets have in common?”

What do connected cars and toilets have in common? That is the title to a recent Blog Post about an upcoming presentation at VMWorld 2013, Barcelona and, when I read it, I just had to quiz my readers to see who remembered …

Come on now, you do know the answer to this question, right? I have blogged about hacking cars several times and, if you heard my presentation to the Privacy, Data Security, and eCommerce Committee of the State Bar of Texas back in August then you certainly should remember. [Presentation / hint: see slides 26 & 27 below] Do you remember now?

That is right, we are starting to see both “wired” cars and toilets that (a) have microprocessors and/or store data, and (b) are connected to the Internet, which means (c) under the Computer Fraud and Abuse Act they are considered to be “protected computers” and, (d) therefore, if wrongfully accessed (through the system, not physically) are covered by the CFAA. There you go – have a great day!

Yes, you can even hack a toilet! #IoT

Ahhh yes, hacking toilet now seems to be possible … and you folks thought I was crazy a few years ago for blogging about hacking a car, a home, or even hacking a human … but as you know see, you can even hack a toilet. Can you just imagine the frustration caused by a bidet gone mad? This certainly gives new meaning to a software vulnerability!

Ha! What a way to start a Monday.

So, do you think it would violate the CFAA? How about privacy law? Geez … back to work I go.

Here is the full story, enjoy: BBC News – Luxury toilet users warned of hardware flaw.