Infoworld recently highlighted spearphishing which is “a targeted approach to phishing that is proving nefariously effective, even against the most seasoned security pros.”  The November 9, 2015 report was entitled “10 reasons why phishing attacks are nastier than ever” including the fact that spearphising is sent by some

Continue Reading #Spearphishing Attacks are headed your way even though they appear to be messages from your boss!

Neustar Engineering reported that there are millions of phishing emails every day since most “email servers don’t actually block email that may be spoofed and may even fail authentication at some level.” The August 20, 2015 blog entitled “Ten Cyberthreats Outside the Firewall” included the following comments about

Continue Reading Phishing is in the Top Ten Cyberthreats

I will moderate this important live TexasBarCLE webcast on November 17, 2015 with Thomas Petrowski (Chief Division Counsel from the Dallas Office of the FBI) and Nick Akerman (former US Attorney and partner at Dorsey & Witney in New York who has the Computer Fraud/Data Protection blog).  Please

Continue Reading WEBCAST: What Every Lawyer Needs to Know About Cybercrime

Only weeks before the US Patriot Act will be replaced with the USA Freedom Act a federal judge ruled that National Security Agency (NSA) Bulk Telephone Metadata Program which was revealed by Edward Snowden in 2013 that systematically collects Americans’ domestic phone records in bulk “likely violates the Constitution.” After

Continue Reading More Impact from Snowden as Court Rules that NSA Bulk Phone Record Collection Violates the Constitution

After more than 50 data security settlement agreements with various companies, the FTC (Federal Trade Commission) issued its Guide that recommending that companies “consider security from the start assess their options and make reasonable choices based on the nature of their business and the sensitivity of the information involved.”  The

Continue Reading Cyber Risk Lessons Learned about Information Security

According to the 2015 Threat Report  about MaaS is that the “ average price for exploit kits is usually between $800- $1,500 a month, depending on the features and add-ons” and the “price is likely to remain low due to increased competition.”  The Websense Report was issued in April 2015

Continue Reading MaaS (Malware-as-a-Service) – the Cybercrime Cloud Service NO ONE Wants to Think about

A report from Tenable Network Security identifies that blind spots “can increase legal risk because information retention policies designed to limit legal liability are very unlikely to be applied to electronically stored information (ESI) contained on unauthorized cloud, mobile and virtual assets.” Tenable Network Security’s April 15, 2015 report entitled

Continue Reading Advice about Cybersecurity Blind Spots Including Cloud Access

Everyone should already know cyber intrusions are “when not if,”  so the Federal Communications Commission (FCC) prepare a tool which “is designed for businesses that lack the resources to hire dedicated staff to protect their business, information and customers from cyber threats.” The FCC’s “Small Biz Cyber Planner

Continue Reading Cyber Intrusion Planning Should Include Training Employees about eMail

It is imperative that General Counsel learn IT technology and lingo- and that IT legal jargon given a recent survey identified that in almost 450 companies 31% rely on IT and 21% rely on General Counsel to be primarily responsible for assuring legal compliance when cyber intrusion occurs. Zurich sponsored

Continue Reading Cyber Intrusion Responsibility Shared by General Counsel & IT

In a recent speech SEC Chair Mary Jo White declared that while “cybersecurity attacks cannot be entirely eliminated, it is incumbent upon private fund advisers to employ robust, state-of-the-art plans to prevent, detect, and respond to such intrusions.” On October 16, 2015 Chair White also stated that:

Cybersecurity is the

Continue Reading SEC Declares Planning for Prevention and Detection of Cyber Intrusions is Essential!