It was great to be a guest on the YouAttest #AuditTuesday show to talk about Cybersecurity and Cyber Law Identity Governance Matters. If you enjoyed this video, please join the discussion here on LinkedIn ..read more

I am happy that I was able to provide the Texas Bar Journal’s 2023: The Year In Review – Cybersecurity & Data Privacy Update which addressed the following issues: how the Texas “hacking laws” and issue of “consent” impact the discovery of evidence of child pornography whether sending a malicious phishing email violates “hacking laws ..read more

This morning I read an article about how brain scanning technology is causing Colorado and Minnesota to propose legislation that is aimed at establishing rights and protections for information collected from our thoughts through the neural signals that can be scanned and collected from our brains. (Brain-Scanning Technology Spurs State Moves on Neural Privacy) Kuddos ..read more

“There is no such thing as ‘secure’ when it comes to cybersecurity.” “The odds in cybersecurity are impossible — those defending have to get it right 100% of the time and those attacking only need one lucky shot.” These are a few of the sayings that I have used throughout the years when trying to ..read more

HHS 405(d) is an excellent resource that provides cybersecurity and cyber risk guidance for not only healthcare organizations, but all organizations. HHS 405(d) released the following resource for cyber insurance. Before getting to the resource, however, there are two critical things you must know about cyber insurance: New 405(d) One-Pager: How to Implement Cybersecurity Insurance ..read more

There is a trending scam of stealing funds from gift cards purchased in stores where criminals replace original gift cards with nearly-perfectly doctored cards that have been tampered with by having the barcodes changed to transfer the money intended to go on the gift card to other accounts controlled by the criminals. “Steal the originals ..read more

Your organization has been breached, now what? That’s the title of our discussion at Tech Titans’ Cybersecurity Forum this Thursday, December 14, 2023, from 3:30 – 6:00 PM in Richardson, Texas. This event is available for both members of Tech Titans and non-menbers and you can register at this link: https://business.techtitans.org/events/details/cybersecurity-forum-december-14-2023-4826?calendarMonth=2023-12-01 I will be moderating ..read more

Is the law evolving to hold individuals — specifically CISOs — responsible for companies’ cybersecurity failures? In my opinion, the answer is yes, albeit slowly and incrementally, but it certainly appears to be moving in that direction. Here are some of my thoughts on the SEC’s recently issuing a Wells Notice to SolarWinds’ executives ..read more

Following the outstanding SecureWorld Boston event, my friends at SecureWorld shared Highlights and Insights from SecureWorld Boston 2023 and were kind enough to include a few quotes from my lunch keynote — let me know what you think and please offer your perspective on these ideas: For my friends in the Houston area, get ready ..read more

On Tuesday, March 28, 2023, I will be teaching a class on Real-World Cyber Risk Management and Resilience Planning as part of #EnterpriseUniversity Enterprise Bank & Trust’s education program for business leaders and professionals! Join me for this course, and take a look at all of the live, virtual courses available at no cost to ..read more