Feb. 20, 2019

Fixing the Chinks in Companies’ Cyber Armor: Executives

When key executives use work devices, they are protected from cyber attacks by their companies’ cybersecurity teams. Attackers have found, however, that when these executives are off the network in their homes or on personal devices, many lack even the most basic controls and protections. Why penetrate a $10-million system of firewalls, intrusion detection/prevention systems, privileged access management systems and behavior-based anti-malware controls when you can target a $100 home router or computer with no security enabled? In this guest article, BlackCloak founder and CEO Dr. Chris Pierson explains how the home is the next battlefield in the war on financial institutions, defense companies, family offices, hedge funds and other centers of wealth and influence. He explores the cyber-crime landscape, how hackers can infiltrate the company through executives and suggests controls to mitigate these risks. See also “Key Cyber Threats and Targets for 2019” (Jan. 16, 2019).

Implications of the Illinois Supreme Court’s BIPA Holding Against Six Flags

An individual suing under Illinois’ Biometric Privacy Act (BIPA) does not need to allege an actual injury beyond a violation of rights under BIPA to pursue an action for liquidated damages and injunctive relief, the Illinois Supreme Court held in its most recent BIPA decision, Rosenbach v. Six Flags Entertainment Corp. In this article, with insight from legal experts, we discuss the expansive view of statutory standing this decision takes, the implications of the decision and what companies can do to mitigate risk when using biometric information. See also “Biometric Data Protection Laws and Litigation Strategies (Part One of Two)” (Jan. 31, 2018); Part Two (Feb. 14, 2018).

ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens

ACA Aponix and the National Society of Compliance Professionals recently conducted their second annual Cyber Survey. In a recent webcast, Raj Bakhru and Steve Blossom, a partner and senior principal consultant, respectively, at ACA Aponix, discussed the survey findings. “The number [of respondents] who have had breaches or security incidents is concerning. That number is also trending in the wrong direction,” Bakhru told the Cybersecurity Law Report in a subsequent interview.  This article highlights the survey’s key findings and the speakers’ insights. See “Fifteen Tips for an Effective Cybersecurity Board Presentation” (Oct. 10, 2018).

Husch Blackwell Announces New Co-Leader of Data Security & Privacy Team in Denver

Cyber expert David Stauss has joined Husch Blackwell to co-lead the firm’s data security & privacy team in Denver, where he will counsel clients on preparing for and responding to data security incidents as well as complying with regulations such as the GDPR and the California Consumer Privacy Act of 2018. For more insight from Stauss, see “Colorado’s Revised Cybersecurity Law Clarifies and Strengthens Existing Requirements” (Sep. 12, 2018).