Parsing the EU’s Cybersecurity Rules

A Q&A with Alan Meneghetti of Locke Lord LLP

Last December, the European Commission, the European Parliament and the Council announced that they had reached an agreement on an EU-wide cybersecurity directive that should go into effect within the next few years. I asked UK-based lawyer Alan Meneghetti about what the new rules mean and what they cover.

Continue Reading

Australian Cyber Security: A Primer

A Q&A with Leah Mooney of MinterEllison
The cyber security field is rapidly evolving in Australia where new legislation, growing costs and an increased awareness of threats and liability have spurred discussion and concern. I spoke with Attorney Leah Mooney, special counsel in the Insurance and Corporate Risk Group of MinterEllison, about the state of affairs in Australia and what businesses operating there might need to know about looming risks and how to mitigate them.

Continue Reading

Medical Device Hacks: When Cyber Risk Becomes Deadly

Insulin Pump HiResA Q&A with Benjamin Caudill of Rhino Security Labs
With every advance in the Internet of Things comes more risks, and nowhere is this more true than in the field of medical devices, which, if seized by the wrong hands, have the potential to do bodily harm. I spoke with Benjamin Caudill, founder and CEO of Rhino Security Labs, about the exposures created by embedded systems in medical devices and what risk managers, corporate leaders and the general public might need to know.

Continue Reading

Ransomware: A Law Enforcement Perspective

Ransomware medA Q&A with Benjamin Stone of the FBI
It’s becoming an increasingly common story: Cyber perpetrators lock systems down with malware and then demand payment to release them. I asked Benjamin Stone, Supervisory Special Agent of the FBI’s Cyber Criminal Squad in Philadelphia, about ransomware and current conditions for cyber criminal activity.

Continue Reading

Protecting Industrial Control Systems

A Q&A with Joe Weiss of Applied Control Solutions
The security of industrial control systems is increasingly vulnerable to cyber-attack and the stakes for failure are extremely high, yet there’s little public understanding and media coverage about these very real risks. I talked to Joe Weiss of Applied Control Solutions about why industrial control systems should be the most important frontier in cyber security and what organizations can do to protect against this growing threat.

Continue Reading

Data Breach Events: A Plaintiff Perspective

Email Computer Key For Emailing Or ContactingA Q&A with John Yanchunis of Morgan & Morgan
The legal landscape around data loss is rapidly evolving, and with major events such as the Anthem breach changing the game on a daily basis, it can be a challenge to keep up with the courts’ current thinking. I spoke with plaintiff attorney John Yanchunis of Morgan & Morgan about some of the most recent developments he’s observed.

Continue Reading

Data Security Risks in Higher Education

A Q&A with John Sileo, Sileo Group
Data security and privacy are a growing concern among educational institutions, with some 727 breaches taking place in higher education from 2005-2014, according to the Privacy Rights Clearinghouse. I spoke with John Sileo of The Sileo Group about the reasons this space has become particularly vulnerable to data loss.

Continue Reading

A View From Europe

 

Group Of Business People Standing In A White Background With BluA Q&A with Nick Beecroft of Lloyd’s of London
New regulation and awareness around growing threats such as operational attacks is changing the face of the European insurance market. I talked to Nick Beecroft, emerging risks and research manager at Lloyd’s of London, about his work assessing cyber vulnerabilities and helping develop products to address them.

Continue Reading

Sorting Out the Consequences of PCI Data Security Noncompliance

A Q&A with David Navetta of Information Law Group
The Payment Card Industry (PCI) Security Standards Council Data Security Standards (DSS) were established in 2006, but that’s only one piece of the payment card liability puzzle. Merchants are also held to card brand rules via their merchant and other contractual arrangements with merchant banks or the card brands. I spoke with Dave Navetta, a founding partner of InfoLawGroup LLP, about the types of consequences retailers can face during a data breach.

Continue Reading

No more posts.