What the World Needs Now….

What the world needs now is for every organization to commit to a culture of security. The Equifax cyberattack is being touted as the largest and most concerning in the history of the United States. The company is reporting that at least 143 million Americans are affected by this breach, which includes the names, addresses, social security numbers and possibly credit card numbers of those people. For those of you keeping count, that is almost half of the American population.  As an attorney who focuses solely on cybersecurity, this type of attack is hardly a surprise.  Anyone who “lives” in this world is keenly aware that cyberattacks are becoming more frequent with hackers getting better and better at their craft.  

Cyber-Back to School Basics

As we are all preparing for the “most wonderful time of the year”, i.e. back to school for the kids, it makes me reflect on how much things have changed from when we were kids in school.  For example, I am currently on the hunt for a ½ inch three-ring binder with interior pockets in chartreuse for my 7 year old. When we were kids we showed up with a back-pack, a lunch box and some pencils. Not so anymore where we are provided a detailed list as long as my arm of school supplies for my pre-schooler.  So many of you are probably asking what this has to do with cybersecurity.  Well, it actually has everything to do with cybersecurity. 

Professionalism is the Name of the Game

I was struck today by an article in the New Jersey Law Journal entitled “Lawyer’s ‘Inadvertent’ E-Discovery Failures Led to Wells Fargo Data Breach.” The article tells the tale of an attorney who inadvertently provided Wells Fargo customer information, including personally identifiable information (“PII”), to her adversary in discovery. Apparently, the parties did not have a confidentiality agreement and the documents were not redacted, which violates privacy protection laws (both state and Federal).  

Where is the Data Located?

The U.S. Federal Courts are currently struggling with what may seem like a simple question before the internet and cloud computing:  where is the data located? Back in the age of paper, this question was easy to answer.  Yes, there may have been copies.  But for the most part, the definitive answer was:  where the paper is physically located.  

Know Thy Vendors

One of the most important things to consider when dealing with the issue of cybersecurity does not even involve your own direct network security.  It involves your vendors.  Those companies and organizations that help you run your business in an efficient and cost effective manner.  Those little “helpers”, however, can also be a huge threat vector to your organization.  In the world of cybersecurity, you are only as strong as the weakest link in your data chain.

An Active Europe: Driving the Data Protection Conversation

Today, Europe is increasingly being seen as driving the conversation on privacy protections in the age of technology.  The CJEU is a particularly vocal participant in this conversation:  from 2000 to 2015, the CJEU has decided thirty-one (31) decisions related to data protection, often defining the individual’s right to privacy contra government and commercial entities.  

When Will We Learn????

So I am taking a short break from the “Luck Favors the Prepared” series on cybersecurity to talk about the recently publicized cyber attack against DLA Piper and the “Petya” ransomware global cyber attack against banks, power companies and Maersk.  

Nation-State Cyber Attacks Are a Good Reminder of Cybersecurity For All

Ok, so the first question is what is a nation-state cyber attack?  It is exactly what it sounds like:  a foreign government (or government-directed) organization targets another country’s government or commercial institutions or infrastructure.  

Introduction to the GDPR Series

Welcome to the “Are You Ready? The GDPR and What You Need to Know” Series.  Over the next 11 months, we will explore the various articles of the General Data Protection Regulation (“GDPR”), adopted by the European Union (“EU”) in May 2016 and set to take effect in May 2018.

Biggest Concerns Facing Business In 2017 Is Cybersecurity

What was the biggest take away message for businesses from 2016?  Cybersecurity.  In a year where a billion Yahoo accounts were compromised and Russian state-sponsored hackers  allegedly infected the U.S. election, cybersecurity is on everyone’s mind, or it should be.  The truth is we face an unprecedented number of attacks on a variety of industries every day.  And while no one can predict with any certainty what lies ahead, the evidence is clear –  cybersecurity is a concern that is here to stay.