Posts by:Mark Greisiger
Business Email Compromises in Office 365
A Q&A with Chris Salsberry of Crypsis
One of the most prominent cyber threats affecting companies right now is business email compromise (BEC). These attacks typically begin with phishing emails that capture log-in credentials.The widely used cloud-based Microsoft Office 365 has proven especially vulnerable, with millions of dollars lost in fraudulent wire transfers over the past couple of years. We talked to The Crypsis Group’s senior director Chris Salsberry about this attack vector and how companies can avoid being compromised.
Medical Devices and Data Risk
A Q&A with Paul Otto of Hogan Lovells
Given recent events such as the 2017 WannaCry ransomware attack that affected more than 200,000 computers across 150 countries, concerns about data privacy and medical devices have come to the fore with increased scrutiny from regulators. To understand the risks medical devices pose and how companies are responding, we spoke to Paul Otto, senior associate of Hogan Lovells in Washington, DC.
The California Consumer Privacy Act and the Future of Privacy Law in the US
A Q&A with Jon Neiditz of Kilpatrick Townsend & Stockton LLP
Passed in 2018 and slated to go into effect January 2020, AB 375 or The California Consumer Privacy Act (CCPA) was created to give consumers better ownership and control over their personal data but opens up a world of compliance questions for businesses that sell such data. We spoke with Jon Neiditz, who co-leads the Cybersecurity, Privacy and Data Governance practice at Kilpatrick Townsend and Stockton LLP about the Act and its implications for the future of privacy regulation.
California’s Consumer Privacy Act: What You Need to Know
A Q&A with Andy Sambandam of Clarip Inc.
What is arguably the nation’s most far-reaching consumer privacy and security law was passed with lightning speed last week in California. While the law doesn’t go into effect until January, 2020, companies are being advised to get up to date on the new regulation and its stipulations—and their potential liabilities should they fail to follow them. To understand more about the law, we spoke to Andy Sambandam, founder and CEO of Clarip, Inc., a privacy management platform that helps consumers and businesses stay compliant with regulation.
The Future of Cyber Defense
A Q&A with Wyatt Hoffman of Carnegie Endowment for International Peace
As cyber-attacks continue to mount, private organizations are ramping up their security activities, and many wonder whether “active cyber defense” is the answer. Of course, what constitutes “active cyber defense” is an emerging debate for international lawmakers and policy makers, says Carnegie Endowment for International Peace senior research analyst Wyatt Hoffman. I asked him about this concept and the related issues at hand.
NetDiligence Security & Privacy Advisory – California Consumer Privacy Act
NetDiligence® Security/Privacy Advisory – June 28th, 2018
California Consumer Privacy Act (2018) Becomes Law; Takes Effect 1/1/2020
This NetDiligence Security/Privacy Advisory is published for the benefit of our cyber insurance carrier/broker clients and their insureds. We urge clients to take special note of the details included in this Advisory and take preventative/remedial action on a timely basis. Clients are welcomed to distribute this Advisory to their colleagues and others as they see fit, provided it is distributed without modification of its contents.
Today, June 28th, 2018, marks a turning point in consumer data privacy protection in the United States, as California enacts the strongest such law in the country, giving consumers greater rights to restrict how private businesses collect and share/sell their personally identifiable information with third parties.
The Equifax Cybersecurity Ruling: The Future of Cyber Breach Litigation?
A Q&A with Michelle Visser of Ropes & Gray LLP
The recent ruling that Massachusetts’ Attorney General can move forward with its suit against Equifax portends a new era in data breach litigation and regulation. To find out more about this case and what it means for corporate risk, I spoke with Michelle Visser, a Massachusetts-licensed attorney with the global law firm Ropes & Gray LLP.
Cyber Risk and Community Banks
A Q&A with Brian Schaeffer of OceanFirst Bank N.A.
It’s a given that cyber attackers will target financial institutions but community banks and credit unions may be more vulnerable, with fewer resources to devote to security and the assumption, among perpetrators, that they’re an easier mark. I spoke to Brian Schaeffer, Chief Information Security Officer of OceanFirst Bank, a $7.4 billion asset Bank based in New Jersey, about the current risk landscape for smaller financial institutions and how they can best prepare to face off against these threats.
Machine Learning and Threat Detection
A Q&A with Jim Leonard of InfoArmor
One of the newer and potentially more promising weapons being deployed in the battle for cyber security is machine learning, in which systems can improve themselves based on experience and previous data. We asked Jim Leonard, Director with the Advanced Threat Intelligence unit at InfoArmor for some insight on this technology and how it might help mitigate threats.
No more posts.