Archives

Cyber-Back to School Basics

As we are all preparing for the “most wonderful time of the year”, i.e. back to school for the kids, it makes me reflect on how much things have changed from when we were kids in school.  For example, I am currently on the hunt for a ½ inch three-ring binder with interior pockets in chartreuse for my 7 year old. When we were kids we showed up with a back-pack, a lunch box and some pencils. Not so anymore where we are provided a detailed list as long as my arm of school supplies for my pre-schooler.  So many of you are probably asking what this has to do with cybersecurity.  Well, it actually has everything to do with cybersecurity. 

Professionalism is the Name of the Game

I was struck today by an article in the New Jersey Law Journal entitled “Lawyer’s ‘Inadvertent’ E-Discovery Failures Led to Wells Fargo Data Breach.” The article tells the tale of an attorney who inadvertently provided Wells Fargo customer information, including personally identifiable information (“PII”), to her adversary in discovery. Apparently, the parties did not have a confidentiality agreement and the documents were not redacted, which violates privacy protection laws (both state and Federal).  

Where is the Data Located?

The U.S. Federal Courts are currently struggling with what may seem like a simple question before the internet and cloud computing:  where is the data located? Back in the age of paper, this question was easy to answer.  Yes, there may have been copies.  But for the most part, the definitive answer was:  where the paper is physically located.  

Know Thy Vendors

One of the most important things to consider when dealing with the issue of cybersecurity does not even involve your own direct network security.  It involves your vendors.  Those companies and organizations that help you run your business in an efficient and cost effective manner.  Those little “helpers”, however, can also be a huge threat vector to your organization.  In the world of cybersecurity, you are only as strong as the weakest link in your data chain.

XPAN and Keavney & Streger Announce Strategic Partnership in Cybersecurity and HIPAA Compliance

XPAN Law Group, LLC is proud to announce a strategic partnership with Keavney & Streger, LLC (“K&S”) to provide comprehensive HIPAA and cybersecurity services.  XPAN and K&S are forming an alliance to combine their specialized legal knowledge and provide clients with a full scale HIPAA and cybersecurity assessments including a full day of educational training for employees on both critical areas. 

Check out XPAN on What’s Going On

XPAN Law Group’s co-founders Rebecca Rakoski and Jordan Fischer were featured on What’s Going On with Loraine Ballard Morrill.  Check out the full interview here!

An Active Europe: Driving the Data Protection Conversation

Today, Europe is increasingly being seen as driving the conversation on privacy protections in the age of technology.  The CJEU is a particularly vocal participant in this conversation:  from 2000 to 2015, the CJEU has decided thirty-one (31) decisions related to data protection, often defining the individual’s right to privacy contra government and commercial entities.  

When Will We Learn????

So I am taking a short break from the “Luck Favors the Prepared” series on cybersecurity to talk about the recently publicized cyber attack against DLA Piper and the “Petya” ransomware global cyber attack against banks, power companies and Maersk.  

XPAN Law Group’s Jordan Fischer is named to the 2017-2018 class of the Pennsylvania Bar Association’s Bar Leadership Institute

XPAN Law Group is proud to announced that Jordan Fischer has been named to the 2017-2018 class of the Pennsylvania Bar Association’s Bar Leadership Institute (BLI).  

Nation-State Cyber Attacks Are a Good Reminder of Cybersecurity For All

Ok, so the first question is what is a nation-state cyber attack?  It is exactly what it sounds like:  a foreign government (or government-directed) organization targets another country’s government or commercial institutions or infrastructure.