New HHS Guidance Combats Cyber Threats in Healthcare

A Q&A with Reece Hirsch of Morgan Lewis
Late last year, the U.S. Department of Health and Human Services (HHS) released voluntary cybersecurity standards that help bring the HIPAA Security Rule into focus and up to date with current cyber threats. The new guidance could also have implications for the way “reasonable standards” are legally defined going forward. We spoke with Reece Hirsch, co-head of the Privacy and Cybersecurity practice at Morgan Lewis, about the guidance and its advantages for healthcare organizations.

GDPR So Far

A Q&A with Ian Birdsey of Pinsent Masons
The European Union’s General Data Protection Regulation (GDPR) has been implemented for over a year, and we can now start to understand just how this sweeping law is being enforced and the ways it has positively impacted data security. We posed these questions to Ian Birdsey, data protection specialist and partner of Pinsent Masons, LLP.

Tuning in to Silent Cyber

A Q&A with Scott Stransky of AIR Worldwide
The exposures associated with cyber incidents and losses reach far and wide, including a whole category of risk called “silent cyber.” With traditional policies offering ambiguous coverage for cyber events, insurers and their insureds face a significant amount of gray area for these risks, which have now become commonplace. To better understand silent cyber and what can be done about it, we talked to Scott Stransky, vice president and director of emerging risk modeling at AIR Worldwide.

Cyber Mercenaries and Insurance Risk

A Q&A with Chris Rock of SIEMonster

Cyber mercenary activity—in which geopolitical states sponsor hackers and private firms to wage acts of cyber offence on other states, organizations and individual citizens—has been on the rise for at least a decade, though the wider public is only now starting to understand its grave implications. To get a better handle on the current state of global cybersecurity affairs, we talked to professional hacker Chris Rock, CEO and founder of SIEMonster.

Banking Trojans and Financial Risk

A Q&A with Sherri Davidoff, CEO of LMG Security and BrightWise, Inc.
One of the most disturbing developments in financial cybercrime is the advent and increasing popularity of banking Trojans, which pose a grave risk to both consumers and financial organizations. To find out more about banking Trojans and how to avoid them, we spoke to Sherri Davidoff, cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc.

Ransomware Negotiations

A Q&A with Bill Siegel of Coveware
Given the prevalence and sophistication of ransomware—not to mention the financial stakes involved in these exploits—it’s no longer wise to leave delicate negotiations to internal staff. We spoke to Coveware’s CEO and cofounder Bill Siegel about the nuances involved in handling threat actors and why having data at the ready can better inform a company’s decision-making.

Catastrophic Ransomware

A Q&A with Chris Nyhuis of Vigilant Technology Solutions
Cyber security threats are always evolving, but in the last six months, a vicious new breed of ransomware attack has emerged, powerful enough to take down an enterprise organization. To learn more about it, we talked to Chris Nyhuis, President and CEO of Vigilant Technology Solutions, an international security and total IT solution provider.

Business Email Compromises in Office 365

A Q&A with Chris Salsberry of Crypsis
One of the most prominent cyber threats affecting companies right now is business email compromise (BEC). These attacks typically begin with phishing emails that capture log-in credentials. The widely used cloud-based Microsoft Office 365 has proven especially vulnerable, with millions of dollars lost in fraudulent wire transfers over the past couple of years. We talked to The Crypsis Group’s senior director Chris Salsberry about this attack vector and how companies can avoid being compromised.

Medical Devices and Data Risk

A Q&A with Paul Otto of Hogan Lovells
Given recent events such as the 2017 WannaCry ransomware attack that affected more than 200,000 computers across 150 countries, concerns about data privacy and medical devices have come to the fore with increased scrutiny from regulators. To understand the risks medical devices pose and how companies are responding, we spoke to Paul Otto, senior associate of Hogan Lovells in Washington, DC.

The California Consumer Privacy Act and the Future of Privacy Law in the US

A Q&A with Jon Neiditz of Kilpatrick Townsend & Stockton LLP

Passed in 2018 and slated to go into effect January 2020, AB 375, or The California Consumer Privacy Act (CCPA), was created to give consumers better ownership and control over their personal data but opens up a world of compliance questions for businesses that sell such data. We spoke with Jon Neiditz, who co-leads the Cybersecurity, Privacy and Data Governance practice at Kilpatrick Townsend and Stockton LLP, about the Act and its implications for the future of privacy regulation.
