Mar. 25, 2020

Companywide Work From Home: Six Cybersecurity Considerations

With the novel coronavirus 19 pandemic shifting employees who normally work in an office to remote working, cybersecurity threats – already a significant issue for remote employees – have intensified. Hackers are taking advantage of the thirst for information about the virus, as well as the increased threat surface in the home environment. During a recent webinar hosted by the Cybersecurity Law Report, Dr. Christopher Pierson, CEO and founder of BlackCloak, and former CISO, CPO and GC of various companies, discussed new and existing cyber threats, and measures that CISOs and CPOs should be implementing to mitigate them. We summarize the discussion in this article, and the complimentary recording is here. See “Fixing the Chinks in Companies’ Cyber Armor: Executives” (Feb. 20, 2019).

Are Companies Turning a Blind Eye to Their Lost Data on the Dark Web?

Cybersecurity practitioners who scan the dark web for threats against a client, or its stolen assets, also commonly spot data or assets belonging to non-client organizations and offer courtesy reports to those businesses. Kurtis Minder, CEO of digital risk management company GroupSense, and Joe Meadows, a shareholder at Bean, Kinney & Korman, told the Cybersecurity Law Report about how victim companies commonly ignore courtesy warnings of a data breach, and the need for a uniform clear channel for white-hat reports about breaches and lost corporate assets. They also provided insights into the changing threats found on the dark web, including decentralizing criminal marketplaces and a rise in insider trading on the dark web. See “Vulnerability Disclosure Policies:  A Cost-Effective Best Practice for Cybersecurity” (Sep. 25, 2019).

Gauging the GDPR’s Global Reach

The GDPR applies not only to businesses physically present in the E.U., but also to those that market goods or services to individuals located within the E.U. or that monitor the behavior of E.U. individuals. A recent Cybersecurity Law Report program analyzed the broad jurisdictional reach of the GDPR and provided practical examples of the types of activities that could subject a non-E.U. business to the regime. Matt Fleischer-Black, senior reporter at Cybersecurity Law Report, moderated the program, which featured Vivienne Artz, chief privacy officer at Refinitiv, Ltd., and Bridget Treacy, a partner at Hunton Andrews Kurth. See “Broad but Limited Reach of GDPR Highlighted in ECJ Google Ruling on ‘Right to Be Forgotten’” (Oct. 30, 2019).

Smith, Gambrell & Russell Welcomes Cyber Partner in Atlanta

Tori Silas has joined Smith, Gambrell & Russell as a partner in the firm’s corporate and cybersecurity practices. For more from Silas, see “Privacy Leaders Share Key Considerations for Incorporating a Privacy Policy in the Corporate Culture” (Oct. 19, 2016).