Practical Steps to Reduce Cybersecurity Risks During COVID-19
The increased focus on online communications has brought a substantial uptick in breaches, with the most ubiquitous being the “business email interruption” scam. The most popular variant is where Office 365 or Gmail accounts are hacked through a phishing email, and the hacker then sends a fraudulent invoice purporting to be from a legitimate vendor, […]
NSA-Approved Cybersecurity Law and Policy Course Now Available Online
Anyone who is interested in cybersecurity law and policy can now take an online course that was partly shaped by National Security Agency, which...
HIPAA Breach Reporting: 2017 Trends and Mends
For incidents affecting less than 500 individuals, HIPAA-covered entities have until two months past the end of the year to report them, rather than the 60-day deadline for larger breaches, and this data for 2017 is becoming available. Hacking and IT incidents without major data breaches rose by 25 percent, with 142 in 2017 compared […]
DOJ OIG Faults FBI for Poor Notifications to Breach Victims
A new report from the Department of Justice Office of Inspector General faults the Federal Bureau of Investigation for its process for notifying the victims of cyberattacks. OIG identified issues with both the quality and completeness of the information stored in the agency’s Cyber Guardian system, the tool the FBI uses to disseminate breach notifications. […]
Trump Year Two Starts with Major Tech and Cyber Vacancies
http://www.nextgov.com/cio-briefing/2018/01/trump-year-two-starts-major-tech-and-cyber-vacancies/145337/
After MGT, Hurd to Focus on Cybersecurity Workforce
Representative Will Hurd (R-TX) says that his next goal will be strengthening the federal cybersecurity workforce, likely through the creation of a Cyber National Guard. Hurd currently is shepherding the Modernizing Government Technology Act through Congress, but once that bill is passed, he hopes to tackle the cyber workforce. Hurd’s plan for a Cyber National […]
House Measure asks DHS to Share Info on Potential ZTE Cyber Threat
A House of Representatives "resolution of inquiry" introduced by Representative Bennie Thompson (D-MS) would direct DHS to give lawmakers any documentation the agency has...
Presidential Advisers Make the Case for a New Cybersecurity Center for Sharing Threats
The president’s National Infrastructure Advisory Council reports that federal agencies aren’t sufficiently exercising the authorities they have to inform critical private-sector entities of vulnerable supply chain elements and other threats. To address the problem, the council argues for the creation of a Critical Infrastructure Command Center, where public- and private-sector partners would share a 24/7 […]
Ask the Legal Tech Marketer: How Can I Prove That Client Data is Safe...
Leading legal technology marketers shared their recommendations on how firms can convince their clients that their data is safe. Sue Lyon-Boggs, a writer in the legal industry, urges firms to create a culture of security that requires every employee to understand how measures work and commit to using them. “Lawyers should be able to discuss with […]
How to Prepare For a Security and Compliance Audit
Nikola Todev of OnRamp writes about the pervasiveness and importance of security audits, and the difficulty of aligning an organization’s business practices to the applicable security frameworks. He comments that “meeting security specifications requires monetary investment, often causes confusion and in some cases, even results in a loss of direction.” In a two-part article, he […]