Category Archives: cybersecurity

Weapons in the Cyber Defense Arsenal

In May 2017, the world experienced an unprecedented global cyberattack that targeted the public and private sectors, including an auto factory in France, dozens of hospitals and health care facilities in the United Kingdom, gas stations in China and banks in Russia. This is just the tip of the iceberg and more attacks are certain …

Read more »

fingerprints biometrics

Health Care Task Force Pre-Releases Report on Cybersecurity Days Before Ransomware Attack

Last week, the Health Care Industry Cybersecurity (HCIC) Task Force (the “Task Force”) published a pre-release copy of its report on improving cybersecurity in the health care industry.  The Task Force was established by Congress under the Cybersecurity Act of 2015.  The Task Force is charged with addressing challenges in the health care industry “when …

Read more »

data security privacy FCC cybersecurity

Yesterday, #WannaCry. Today, #DocuSignPhish

Another day, another data incident.  If you use DocuSign, you’ll want to pay attention. The provider of e-signature technology has acknowledged a data breach incident in which an unauthorized third party gained access to the email addresses of DocuSign users.   Those email addresses have now been used to launch a massive spam campaign.   By using …

Read more »

data security privacy FCC cybersecurity

“WannaCry” Ransomware Attack Causes Disruption Globally – With Worst Yet to Come

A ransomware known as “WannaCry” affected 200,000 people in 150 countries over the weekend, locking computer files and demanding payment to release them. As of this morning, Australia and New Zealand users seem to have avoided the brunt of the attack, with the Federal Government only confirming three reports of Australian companies being affected.  Not …

Read more »

data security privacy FCC cybersecurity

Company Awarded Damages After Former Employee Hacks Its Systems and Hijacks Its Website

A company can recover damages from its former employee in connection with his hacking into its payroll system to inflate his pay, accessing its proprietary files without authorization and hijacking its website, a federal court ruled. Tyan, Inc. v. Yovan Garcia, Case No. CV 15-05443- MWF (JPRx) (C.D. Cali. May 2, 2017). The Defendant worked as …

Read more »

Appeal in Home Depot Data Breach Derivative Action Results in Settlement of Corporate Governance Claims

Snatching victory of a sort from the jaws of defeat, shareholders who brought a derivative action alleging that the 2014 Home Depot data breach resulted from officers’ and directors’ breaches of fiduciary duties have reached a settlement of those claims. As previously reported, that derivative action was dismissed on November 30, 2016.  That dismissal followed on the …

Read more »

Trump’s First Hundred Days and Cybersecurity

Executive Order Delay Trumps Administration Policy Development President Trump’s first hundred days did not produce the event that most people in the cybersecurity community expected – a Presidential Executive Order supplanting or supplementing the Obama administration’s cyber policy – but that doesn’t mean that this period has been uneventful, particularly for those in the health …

Read more »

Sharing Cyber Threat Information

The Information Sharing and Analysis Organization-Standards Organization (ISAO-SO) was set up under the aegis of the Department of Homeland Security pursuant to a Presidential Executive Order intended to foster threat vector sharing among private entities and with the government. ISAOs are proliferating in many critical infrastructure fields, including health care, where cybersecurity and data privacy …

Read more »

Broadband Internet Service Providers In Regulatory Limbo After Repeal of FCC Privacy and Data Security Rules

Potentially signaling the end of the short-lived stint by the Federal Communication Commission (“FCC”) to regulate consumer data privacy on the internet, the Trump Administration recently repealed Obama-era data privacy and security rules for broadband providers.  The action, passed by Congress and signed by President Trump pursuant to the Congressional Review Act, completely rescinds the …

Read more »

Proposed Federal Cybersecurity Regulations for Financial Institutions Face Uncertain Future

Last year’s proposed comprehensive framework for cybersecurity rules for large financial institutions is suddenly facing an uncertain future.1With the comment period having closed as of February 2017, the framework was facing criticism as unnecessary for an industry already subject to a host of federal, state, and international cybersecurity regimes. That criticism – now coupled with …

Read more »