Certifying Digital Court Records - Digital Planning Podcast
As cyber threats become increasingly sophisticated, traditional security models that rely on perimeter defenses are no longer sufficient. Zero Trust Architecture (ZTA) offers a modern approach to security that assumes no user...more
Starting my new role as Director of Marketing at Accelerynt has been filled with the usual excitement of a new chapter. But it also delivered a moment of unexpected personal relief—and professional inspiration. Coming from an...more
On August 21, 2024, the National Institution of Standards and Technology (“NIST”) released the second draft of its Digital Identity Guidelines, which provides federal agencies with a framework for identity proofing and...more
Consumers use cell phone numbers to authenticate their identities across a variety of accounts, such as those held with wireless providers, financial institutions, healthcare providers, and retail websites. One common example...more
Feeling seen, but maybe too seen - Stepping off the plane this past August after a long international flight, the last thing I wanted was a lengthy wait at US Customs, the final sentinel between me and a good night’s sleep. I...more
On May 10, 2023, the National Institute of Standards and Technology (“NIST”) released an Initial Public Draft of Revision 3 to NIST Special Publication (“SP”) 800-171, Protecting Controlled Unclassified Information in...more
On August 11, the Federal Financial Institutions Examinations Council (FFIEC) issued new guidance, providing examples of effective authentication and access risk management principles and practices for financial institutions....more
The Federal Financial Institutions Examination Council (FFIEC) has issued new guidance on authentication and access titled, “Authentication and Access to Financial Institution Services and Systems” (Guidance.) The Guidance...more
Key Takeaways: ..According to FINRA, the number of reported instances involving broker-dealer fraudulent account takeovers (ATO) and related theft is on the rise. ..As set forth in recently released FINRA Regulatory...more
Italian news on on-line KYC for AML purposes, including the possibility to rely on SCA when certain conditions are met, have been confirmed. On 14 September, Law Decree No. 76/2020 regarding urgent measures for...more
Several years ago when cybercrime and attacks on corporate information and funds were less common, corporate counsel may have been justified in expecting the government to take a leading role in efforts to identify, locate,...more
Commonsense IoT security steps that startups and small business should consider to comply with California’s new law - California recently enacted a new law, Senate Bill 327, that requires companies that make Internet of...more
On April 29, 2019, FINRA published an Information Notice alerting to a potential increase in member firms falling victim to imposter websites – websites designed to appear legitimate but that actually serve as a vehicle to...more
Everyone hates passwords. They are difficult to remember, and human nature is to re-use them across platforms, which is well-known to be a no-no. Managing passwords is time consuming, cumbersome and a pain. Which is why they...more
I came across an article last week that indicated there was a successful attack on Microsoft’s Office 365 and Google’s G Suite environments that was able to bypass multi-factor authentication (MFA). However, after reading the...more
Sometimes I feel like I’m the Grinch at a party when I talk shop about the latest massive data breach or horrible hacker story that is in the news. We say things like, “it’s not if, but when” there will be another data...more
This has been quite the year of O365 intrusions. The story seems to be almost identical in each security incident we investigate this year, and it goes like this...more
If you clicked on this post, that means you probably fall into one of two categories. Category 1: You are really tired of having to come up with – and remember – increasingly more complicated passwords, only to then be asked...more
Information is everywhere, especially in the workplace. But traditional means of securing and sharing data—which typically involve accessing password protected information from various sources—is inefficient, cumbersome, and...more
Risk Management Question: Dual factor authentication greatly increases your online security, but it is no panacea. Dual factor authentication can be compromised through social engineering and phishing exploits. What can law...more
In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more
“If our country is to successfully defend our right to live the American way, it needs every one of you, and requires you in the best possible condition. Any [company] who willfully, or through neglect fails to maintain...more