Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more
On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more
With escalating cyber risks and heightened regulatory scrutiny, every minute after a data breach is crucial. Sophisticated cybercriminals relentlessly target your organization’s most valuable asset: personally identifiable...more
The recent ransomware attack against the Duvel Moortgat Brewery demonstrated the very real risk that cybersecurity incidents pose to the alcohol industry, reportedly halting operations for several days at four of Duvel...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing...more
The legal profession is under constant threat of cyberattacks and breaches. Cybersecurity challenges exist in many contexts but the legal profession is particularly vulnerable due to its federated environment and disparate...more
With the threat of cyber-attacks making the news, it is a good time for all non-profit organizations to review their policies and procedures with respect to data privacy. Many non-profit organizations are particularly...more
Recent incidents of cyberattacks impacting major organizations through exploited weaknesses in third-party relationships have highlighted the importance of holistic third-party risk management, creating an opportunity to...more
Many of us are keeping an eye on the Russia-Ukraine situation these days, and the situation seems to get more serious, not just daily, but hourly. The situation has worldwide ramifications in just about every way possible,...more
Chase Fopiano is the Founder of CyberTech Analytics, a cybersecurity provider that combines the worlds of both law enforcement and information security. Chase began his career as a police officer before diving headfirst into...more
Report on Patient Privacy 22, no. 1 (January, 2022) - New Jersey issued its third settlement in three months on state-level health care privacy and security laws, announcing that three cancer care providers would adopt new...more
Cybersecurity experts around the world are scrambling to sound the alarm about a newly discovered security vulnerability that could be used by attackers to easily infiltrate computer systems. The vulnerability is found in...more
Continued widespread cyber attacks have leaders in just about every industry wary and watchful, and insurance underwriters are no exception. Given the increase in claims from recent ransomware attacks, cyber insurers are...more
Report on Patient Privacy 21, no. 11 (November, 2021) - Attorney Brad Hammer doesn’t always don a suit and tie, or what he calls his “lawyer’s uniform.” A privacy and security expert and founder of the Vakaris Group based...more
This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (“SEC”). This focus is consistent with the SEC’s Division of...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
On August 25, 2021, the FBI issued a Flash Alert to warn companies, especially in the health care industry, about the proliferation of attacks by threat actors using Hive ransomware....more
From the beginning, Information Governance, or InfoGov, has been focused on helping Corporations manage their data, often involving the legal, compliance, and IT departments working together. But what about a corporation’s...more
Faced with the resurgence of cyberattacks in our newfound era of dependence on teleworking, our team is primed to guide you through the fraught aftermath of a cyber attack: Our team will discuss: - how to come back to the...more
How to ensure emerging technologies help rather than hurt your organization - Technology represents the classic double-edged sword for compliance and ethics professionals. When properly utilized, it can be a vital tool,...more
Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more
On September 15, 2020, the New York Attorney General (NYAG) reached a Consent and Stipulation Agreement (the “Agreement”) with Dunkin’ Brand’s Inc. a year after filing a lawsuit over the company’s response to cyberattacks in...more
As one of the largest information technology service providers to local governments, the cyber-attack on Tyler Technologies (Tyler) in Plano, Texas is a sobering reminder of how a cyber-attack on a third-party vendor can put...more
Cyber criminals see opportunity in the pandemic. Some exploit security vulnerabilities in remote working. Others prey on people’s fears by crafting phishing emails and malware-infected websites purportedly about the...more