The Race is On! Crypto Agility vs Quantum Computing. Who is ahead?

Thales eSecurity

Preparing for Data Security in the Quantum Computing Era. Each passing day brings the world closer to the exciting reality of powerful quantum computing. Weather prediction, air traffic control, urban planning, defense strategies, medical research and so much more will be affected by the new era of computing power in ways we can’t even yet predict. Quantum computing is a threat to public key infrastructure and security systems that rely on it.

Supreme Court of Pennsylvania Ruling on Common Law Duty to Protect Electronic Employee Data

Hunton Privacy

The case arose from a data breach in which criminals accessed UPMC’s computer systems and stole the personal and financial information of 62,000 current and former UPMC employees. The court held that: (1) an employer has a duty under Pennsylvania common law to use reasonable care to safeguard its employees’ sensitive personal information that it stores on Internet-accessible computer systems; and (2) Pennsylvania’s economic loss doctrine did not bar the plaintiffs’ negligence claim.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” In addition, the state is home to 16 nationally designated cybersecurity Centers of Excellence and a state university and college system that graduates more cyber-degreed engineers than any other state. According to Cybersecurity Ventures, there will be 3.5

Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

Hunton Privacy

State Auto Property and Casualty Insurance Company , finding coverage for a cyber attack under a non-cyber insurance policy after the insured’s server and networked computer system were damaged as a result of a ransomware attack. National Ink’s server and networked computers experienced a ransomware attack, which prevented National Ink from accessing the logos, designs and software that are stored on these servers.

According to the ABA, Lawyers are “Failing at Cybersecurity”: Cybersecurity Trends

eDiscovery Daily

In these days of increased data privacy emphasis with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), how are lawyers doing with regard to cybersecurity within their firms? According to the American Bar Association Legal Technology Resource Center’s ABA TechReport 2019, they are “failing at cybersecurity”. Articles on cloud computing , cybersecurity and websites and marketing were released free online.

Friday the 13th is Unlucky for the City of New Orleans. Almost. Maybe.: Cybersecurity Trends

eDiscovery Daily

Cybersecurity is also a big challenge for municipalities as we saw on Friday. NOLA Ready tweeted that “suspicious activity was detected on the City’s network,” and as investigations progressed, “activity indicating a cybersecurity incident was detected around 11 a.m.”

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

Hunton Privacy

18, 2016), that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy. GAIC denied coverage, claiming that the loss did not directly result from the use of a computer nor did the use of a computer cause the transfer of the funds.

What’s a Lawyer’s Duty When a Data Breach Occurs within the Law Firm: Cybersecurity Best Practices

eDiscovery Daily

Right inside the door, you see a handwritten notice on a big whiteboard which says: All network services are down, DO NOT turn on your computers! Finding this odd, you turn to your firm receptionist who tells you that the firm was hit with a ransomware attack overnight, and that if you turn on your computer all of your files will be immediately encrypted, subject to a bitcoin ransom.”. Electronic Discovery Security

Spotlight Podcast: At 15 Cybersecurity Awareness Month Grows with Cyber Risk

The Security Ledger

In this Spotlight Podcast, sponsored by RSA: October is Cybersecurity Awareness Month. But what does that mean in an era when concerns about cybersecurity permeate every facet of our personal and professional lives? Russ Schrader of the National Cybersecurity Alliance (NCSA) and Angel Grant of RSA join us to discuss the history of Cybersecurity. » Related Stories Spotlight Podcast: 15 Years Later Is Cybersecurity Awareness Month Working?

Is Blockchain as Secure as People Think? Maybe Not: Cybersecurity Best Practices

eDiscovery Daily

One advantage that a lot of people have been saying about blockchain is the idea that it’s essentially “unhackable” from a cybersecurity standpoint. An attacker had somehow gained control of more than half of the network’s computing power and was using it to rewrite the transaction history. Maybe Not: Cybersecurity Best Practices appeared first on CloudNine. Blockchain Electronic Discovery Security

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

eDiscovery Daily

The lawsuit alleges that Fort Wayne-based Medical Informatics Engineering and its subsidiary NoMoreClipboard “failed to take adequate and reasonable measures to ensure their computer systems were protected,” resulting in a 2015 breach that gave hackers access to the personal healthcare information of 3.9 The post First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends appeared first on CloudNine. Electronic Discovery Privacy Security

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

The Securities and Futures Commission of Hong Kong (SFC) issued new guidance to regulate the use of external electronic data storage providers (EDSPs 1 ) by licensed firms that intend to keep (or have previously kept) records or documents required to be maintained pursuant to the statutory recordkeeping rules and anti-money-laundering regime (Regulatory Records) in an online environment. 2 Circular to Licensed Corporations – Use of external electronic data storage (October 31, 2019).

FERC Proposes to Adopt Reliability Standards Designed to Mitigate Cybersecurity Risk

Hunton Privacy

On January 18, 2018, the Federal Energy Regulatory Commission (“FERC”) issued a Notice of Proposed Rulemaking (“NOPR”) that proposes the adoption of new mandatory Reliability Standards designed to mitigate cybersecurity risk in the supply chain for electric grid-related cyber systems. 829 , which ordered the development of standards to address supply chain risk management for industrial control system hardware, software and computing and networking services.

Uber’s Response to Data Breach? Pay the Hackers to Keep Quiet About It: Cybersecurity Trends

eDiscovery Daily

According to Bloomberg, the breach occurred when two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. Pay the Hackers to Keep Quiet About It: Cybersecurity Trends appeared first on CloudNine. Electronic Discovery Privacy Security

Midterm Election Security: Why Patching Is a Critical Issue

Data Breach Today

Many of the computer devices to be used for electronic voting in November's midterm elections have unpatched older operating systems that make them vulnerable, says Darien Kindlund, a data scientist at the cybersecurity firm Insight Engines, which advises governments and others

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

investment management firms examined did not conduct periodic risk assessments of critical systems to identify cybersecurity threats, vulnerabilities and their potential business consequences. For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g.,

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

investment management firms examined did not conduct periodic risk assessments of critical systems to identify cybersecurity threats, vulnerabilities and their potential business consequences. For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g.,

Fired IT Guy Deleted 23 of His Ex-Employer’s AWS Servers: Cybersecurity Trends

eDiscovery Daily

When it comes to data breaches and other cybersecurity threats, many people discuss the threats from outside hackers. Needham pleaded not guilty to two charges of the Computer Misuse Act – one count of unauthorized access to computer material and one count of unauthorized modification of computer material – but was convicted in January 2019. The post Fired IT Guy Deleted 23 of His Ex-Employer’s AWS Servers: Cybersecurity Trends appeared first on CloudNine.

White House Proposes Cybersecurity Legislation

Hunton Privacy

As we reported last week , on May 12, 2011, the Obama administration announced a comprehensive cybersecurity legislative proposal in a letter to Congress. The proposal, which is the culmination of two years of work by an interagency team made up of representatives from multiple departments and agencies, aims to improve the nation’s cybersecurity and protect critical infrastructure. Cybersecurity Information Security Online Privacy Security Breach U.S.

University, Professional Certification or Direct Experience?

Security Affairs

Would it be better a university course , a professional certification or an experience in a cybersecurity firm? Today I’d like to share a simple and personal thought about teaching models on cybersecurity. Quite often students ask me how to improve their technical skills and the most common question is: “would it be better an university course a professional certification or getting directly on the field working in a Cybersecurity company ?”. How to improve technical skills?

Amicus Brief on CFAA

Adam Shostack

The EFF has filed an amicus brief on the Computer Fraud and Abuse Act: Washington, D.C.—The The Electronic Frontier Foundation (EFF) and leading cybersecurity experts today urged the Supreme Court to rein in the scope of the Computer Fraud and Abuse Act (CFAA)—and protect the security research we all rely on to keep us safe—by holding that accessing computers in ways that violate terms of service (TOS) does not violate the law.

Leaked Memo Warns of Poor Cybersecurity in White House

Adam Levin

A leaked memo from the Office of the Chief Information Security Officer (OCISO) delivered alarming news about the state of cybersecurity at the White House. Acquired and published online by Axios, the memo was included in a resignation letter from Branch Chief of White House Computer Network Defense Dimitrios Vastakis. Other former cybersecurity officials for the White House have expressed similar concerns and misgivings with the current administration’s cyber policies.

OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials

Hunton Privacy

Department of Health and Human Services’ Office for Civil Rights (“OCR”) and the Health Care Industry Cybersecurity Task Force (the “Task Force”) have published important materials addressing cybersecurity in the health care industry. The Task Force’s report notes that “health care cybersecurity is a key public health concern that needs immediate and aggressive attention” and identifies six key imperatives for the health care industry. The U.S.

Why Are Businesses Opting for Edge, AI, and IoT – and Are They Wise to Do So?

ARMA International

Edge computing is increasingly associated with at least two “trending” terms in the IT and information arenas: Internet of Things (IoT) and artificial intelligence (AI). Broadly speaking, the term refers to computing that’s done at or near the source of the data. These great distances can result in delays in computing, which can impact an organization’s capacity to optimally analyze and leverage its data.

FERC Approves NERC’s Supply Chain Risk Management Reliability Standards and Directs NERC to Expand Their Scope

Data Matters

A string of Governmental announcements have increasingly sounded the alarm about the growing cybersecurity threat facing the energy sector. Against this backdrop, it is unsurprising that energy regulators have increasingly focused their attention on cybersecurity issues. Cybersecurity Enforcement Information Security National Security Policy

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. According to the complaint, over a period of 19 days, hackers were able to infiltrate the Company’s computer systems. Cybersecurity Data Breaches Data Security Enforcement Health Privacy HIPAA

My Love for What I Do: eDiscovery Love Story

eDiscovery Daily

I once wrote an article about CAR systems back in the mid-80s – Computer Assisted (microfilm) Retrieval (good luck finding that article today) – and it seemed like the wave of the future back then. Now, because of the blog, I am forced to keep up with trends and that has paid considerable dividends in keeping me informed regarding trends in eDiscovery, cybersecurity and data privacy. Electronic Discovery Industry TrendsIt’s Valentine’s Day!

Does Your Business Depend on Stronger Election Security?

Adam Levin

Add state-wide reports of technical glitches and errors with the least cyber-secure variety of voting machine (direct recording electronic voting machines have no paper trail) and Kemp’s own unsubstantiated accusations of Democratic hacking of the voter database, and it’s likely that a sizable portion of the population will view either outcome as being illegitimate. We all have a lot of catching up to do when it comes to cybersecurity.

STEPS FORWARD: How the Middle East led the U.S. to adopt smarter mobile security rules

The Last Watchdog

When it comes to securing mobile computing devices, the big challenge businesses have long grappled with is how to protect company assets while at the same time respecting an individual’s privacy.

MDM 164

Amid Growing Threats, White House Dismantles Top Cybersecurity Post

Data Matters

On May 15, 2018, various media outlets reported that the Trump administration decided to eliminate the position of White House Cybersecurity Coordinator. Warner (D-VA) who called the move “mindboggling” and cybersecurity expert Bruce Schneier, who called it “a spectacularly bad idea.”. The position was established nine years ago to provide presidential engagement and Executive Branch coordination on cybersecurity. Cybersecurity National Security Policy

Today is the Day to “Master” Your Knowledge of eDiscovery in Washington DC for 2018: eDiscovery Trends

eDiscovery Daily

This year’s Washington DC event includes nearly two days of educational sessions covers topics ranging from privacy to cybersecurity to social media to cloud computing. I will be moderating a panel of eDiscovery experts that includes Mike Quartararo , Founder and Managing director of eDPM Advisory Services and author of the 2016 book Project Management in Electronic Discovery; Robert D. Electronic Discovery Industry Trends Information GovernanceIt’s here!

TA505 Cybercrime targets system integrator companies

Security Affairs

I am a computer security scientist with an intensive hacking background. I do have a MD in computer engineering and a PhD on computer security from University of Bologna. During my PhD program I worked for US Government (@ National Institute of Standards and Technology, Security Division) where I did intensive researches in Malware evasion techniques and penetration testing of electronic voting systems.

Relativity Fest is Here! And So Are We!: eDiscovery Trends

eDiscovery Daily

PR186045 – Cybersecurity Due Diligence: Data Security Best Practices For Law Firms and Solution Providers. Electronic Discovery Industry TrendsThe 2018 Relativity Fest conference is here!

Pulse Check- Have You Found Gaps in Your Healthcare Privacy and Security Policies During the Pandemic?

InfoGoTo

protecting remote systems from cybersecurity threats. Policy Example #1: Acceptable Use of Computer Equipment and Internet. Purpose: Establishes guidelines for employees to use personal electronic devices including but not limited to personally owned cell phones, tablets, and computers to perform work duties. Perhaps your healthcare organization, like many others, has had to initiate a remote workforce rapidly in response to COVID-19.

“Master” Your Knowledge of eDiscovery With This Conference in Washington DC Again This Year: eDiscovery Trends

eDiscovery Daily

This year’s Washington DC event includes nearly two days of educational sessions covers topics ranging from privacy to cybersecurity to social media to cloud computing. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data. It’s October!

Off the Record: Ransomware Threats and RM Modernization, Apple Promotes Access and Washington Denies Access

The Texas Record

The city of Atlanta was recently hit with a hacking attack that took control of much of the city’s computer network and this type of event is not a one off. Cybersecurity experts say it’s “a reason to worry,” especially for bigger cities, such as Austin, Texas. Links Access Cartoon electronic records ERMS Health Information Humor Off the Record Open Records Public Records RIM Month

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

The email allowed the intruders to install malware on the victim’s PC and to compromise a second computer at the bank that had access to the STAR Network , a system run by financial industry giant First Data that the bank uses to handle debit card transactions for customers.

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

Long before COVID-19, some notable behind-the-scenes forces were in motion to elevate cybersecurity to a much higher level. This body of knowledge has been thoroughly vetted across the global cybersecurity community over the past two-plus decades. And they inform the EU’s detailed General Data Privacy Regulation (GDPR), as well as the prescriptive cybersecurity regulations pioneered by the Middle East.

Free Tool: Honey Feed

Security Affairs

Cybersecurity expert Marco Ramilli shared another tool of his arsenal that extracts suspicious IPs from undesired connections, his HoneyPots. Hope you might appreciate my intent to share with cybersecurity community free data in order to improve our digital space. I am a computer security scientist with an intensive hacking background. I do have a MD in computer engineering and a PhD on computer security from University of Bologna.

DHS report – Voting systems in North Carolina county in 2016 were not hacked

Security Affairs

Computer faults that disrupted voting in a North Carolina county in 2016 were not caused by cyber attacks, a federal investigation states. The investigation involved 21 laptops used for the voters’ identification and experts performed a forensic exam of the seized computers.