David Adler will be Speaking at 2018 New York State Cyber Security Conference

I am excited to announce that I will be speaking at the 2018 New York State Cyber Security Conference. My topic is Assessing and Responding to Cyber Legal Risk. The session description and biography will be featured on the Conference website at https://its.ny.gov/2018-nyscsc.

June 2018 marks the 21st Annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. Hosted by the New York State Office of Information Technology Services, the University at Albany’s School of Business, and The New York State Forum, Inc., the event takes place June 5 and 6 in Albany, N.Y.

#nyscyber 

Advertisements

8 ideas for Lawyers on Cyber Risk, Privacy & Data Protection

While already on many people’s minds after the recent presidential debate, Cyber Risk, Privacy and Data Protection are growing concerns for businesses and consumers alike.

Here are eight (8) suggestions for building a stronger Cyber Risk, Privacy and Data Protection foundation.

The challenge with cyber security and data privacy has always been their breadth of reach. The most pressing IT security and legal issues facing lawyers and businesses continue to come from these areas. Mindful of information overload, lawyers, law firms, and businesses should develop specific cyber security measures from an IT perspective that you can use to be more secure.

Such strategies might include

1) ensuring familiarity with U.S. privacy legislation such as HIPAA, CAN-SPAM, COPPA, FCRA, GLBA, stated privacy laws, state data breach laws,

2) ensuring familiarity with international privacy legislation including the EU, Asia, Australia, and Canada,

3) knowledge of industry standard risk assessment processes, procedures and reporting (e.g., ISO 27001 , NIST 800-53, COBIT, ISO 27001/02),

4) performing privacy and/or security gap assessments,

5) conducting due diligence with or on third parties,

6) knowledge of technologies used to collect, share, access and use personal data,

7) training employees on best practices and techniques and empowering employees to seek CIPP or equivalent certification, and

8) regular evaluation of cyber insurance policies and coverages.

A recent study published in the Journal of Cybersecurity, found that security breaches were on the upswing, and sectors with the highest number of reported hacks were finance and insurance, health care and government entities. Ccosts include investigating the causes of a breach, notifying consumers, increasing customer support, paying for identity theft insurance or credit monitoring, and dealing with legal actions. Following these 8 steps is a good place to start strengthening a Cyber Risk, Privacy and Data Protection foundation

DISCLAIMER. This is not nor is it intended to be legal advice. Each situation is unique. You should direct any questions you have about your specific situation to competent counsel.

CyberRisk Privacy Data Protection