Tabletop for NJSBA Second Annual Cybersecurity Conference

Posted Leave a commentPosted in Cyber Compliance / Regulation, Cyber Risks

Here is a tabletop exercise I drafted that we’ll be running at the Second Annual NJSBA Cybersecurity Conference. Acme Corp. manufactures and sells industrial control systems (ICS).  ICS devices integrate computer chips, hardware and software and can be programmed to monitor, regulate and control various components of commercial manufacturing, assembly and packaging plants.  For example, […]

Why Education and Training Matter to Cybersecurity Compliance

Posted Leave a commentPosted in Cyber Compliance / Regulation

Cybersecurity is an overwhelming problem – so overwhelming that it seems impossible to address.  From the legal and compliance perspective, the problem is compounded by a lack of clear regulatory rules or judicial precedent about what kinds of measures might be sufficient to mitigate the risk of liability for a data breach or other cybersecurity […]

Slides for PLI

Posted Leave a commentPosted in Cyber Compliance / Regulation

Here are my slides for the “Think Like a Lawyer Talk Like a Geek” PLI Presentation tomorrow.  

FTC Data Breach Response Guide

Posted Leave a commentPosted in Cyber Compliance / Regulation

The FTC has issued a new data breach response guide for businesses.  There is a good amount of useful information in the guide, particularly in the steps to take immediately upon learning of a data breach.  In particular, the steps to secure affected operations are important, including assembling a forensic and legal team, securing physical […]

The FTC, Ransomware, and You

Posted Leave a commentPosted in Cyber Compliance / Regulation, Cyber Crime, Cyber Risks

“Ransomware” is malicious software that enables attackers to hold computer data or a computer network hostage until a ransom is paid.  Ransomware often encrypts all the files on a system, making them unusable until the attacker supplies an encryption key.  An FBI Alert issued last week stated that ransomware infections are at an “all-time high.”  […]

Cybersecurity for Law Firms

Posted Leave a commentPosted in Cyber Compliance / Regulation

Here are my Powerpoints from the NJICLE Cybersecurity Conference this week on Cybersecurity for Law Firms.    

NY Department of Financial Services Cybersecurity Regulations

Posted Leave a commentPosted in Cyber Compliance / Regulation

Yesterday the New York State Department of Financial Services sent a letter to members of the Financial and Banking Information Infrastructure Committee announcing a plan to enact new cybersecurity regulations for financial institutions.  The regulations would require covered entities to Maintain written internal cybersecurity policies and procedures; Maintain policies and procedures to ensure the security […]