Tag: Privacy & Security

The “Cyber Pandemic” – COVID-19’s Influence on Cybersecurity Practices

There is no doubt that the COVID-19 pandemic has affected almost every aspect of life for people around the globe. While the internet has allowed people to stay connected and continue working from home, it has also presented an opportunity for cybercriminals to take advantage of susceptible remote working setups. Cybercrime has significantly increased since the start of the pandemic, prompting corporations to mitigate the risk of a data breach against an onslaught of new vulnerabilities to their internal systems.

Compliance Spotlight: William Hanning, CISSP, CISO

William Hanning is a Chief Information Security Officer with Groups360 and close to twenty years of Information Security experience. Mr. Hanning has built and managed security programs in multiple industries in organizations of varying sizes, as well as within Fortune 100 companies. Here, he gives insight about the separation between data privacy and cybersecurity, the role of information security teams, and how cybersecurity relates to and supports the work of legal and compliance departments.

Robinhood Can’t Seem to Keep User Data Safe: Data Breach Exposes the Personal Data of Millions of Users

On November 3, 2021, Robinhood Markets Inc., a popular online stock trading app, reported that an intruder gained access to its systems, obtaining the personal information of millions of its users. With its sudden rise to popularity and contempt following the GameStop stock volatility, and an ongoing class action lawsuit concerning a previous breach, Robinhood is in hot water with both customers and regulatory agencies alike.

House Moves to Bolster Supply Chain and Network Security

On October 20, the House of Representatives passed several bills directed at the Department of Homeland Security (“DHS”) and the Department of Commerce (“DOC”) that may impact network security compliance measures affecting U.S. businesses. These bills take aim at much of the software and network technology used by companies within the supply chain to ensure that security is not dismissed in the effort to cut costs and to maintain healthy competition between network communication equipment vendors.

The Pandora Papers and the Bank Secrecy Act

The recent Pandora Papers leak in October 2021 shone a light on the massive and intricate web of offshore accounting that allows for insurmountable amounts of wealth to be hidden throughout the world. One of the most shocking revelations of these Papers was how heavily the United States was implicated in creating and perpetuating this system. As such, legislators have been pressured to find a way to crack down on this sort of offshore money. One way that they have proposed addressing the problem is by amending the United States’ current criminal financial legislation, the Bank Secrecy Act.

Data Brokers: How Much is Your Fourth Amendment Right Worth?

Purchasing private data through commercial data brokers has become increasingly easy. Data brokers originally gained popularity as a way to assist marketing and advertisements, allowing companies to better communicate with their consumers. Lawmakers worry data brokers’ products have begun to cater to law enforcement, causing constitutional concerns.

Landmark Settlement for a Privacy Violation Brings Big-Tech to its Knees

On Friday, February 26, 2021, U.S. District Court Judge James Donato approved a 650 million-dollar settlement against tech giant Facebook for violating the Illinois Biometric Information Privacy Act. Chicago attorney Jay Edelson filed the class action lawsuit in 2015, alleging that Facebook had failed to obtain consent from users before using facial recognition technology to scan and digitally store uploaded photos.

A Case for Regulating Facebook

Recently, whistleblower Frances Haugen testified before a Senate subcommittee that Facebook has been deliberately putting its own profits before users’ safety. As Facebook’s former product manager for civic misinformation, Haugen calls for federal regulation of social media platforms and asserts that Facebook will not solve what she calls a “crisis” of deliberately ignoring users’ wellbeing for the sake of its own profits without Congress’s help. She points to tobacco, automobiles, and opioids, stating that when it became clear that those products were harming people, the government took action.

The Quiet Corporate Health Cybersecurity Struggle Playing Out in Plain Sight

Cyberattacks on the healthcare industry have reached a fever pitch. In 2020 alone, there was a drastic increase in healthcare organization cybersecurity breaches. In 2021, the average cost of a healthcare data breach increased by over $2 million to $9.23 million. Healthcare providers continue to be the most targeted industry for cybersecurity breaches, with over ninety-three percent of healthcare organizations experiencing a data breach over the past three years. 306 breaches of unsecured protected health information (“PHI”) impacting 500 or more individuals were reported to the U.S. Department of Health and Human Services (“HHS”) in 2020. Yet healthcare organizations continue to be ill-equipped to handle this growing problem.

Security Awareness — Not Just an IT and Compliance Responsibility

Since the start of 2021, cyber-attacks have dominated headlines across every industry. From governments and government organizations, healthcare companies, and banks, to gaming companies and oil pipelines, ransomware has impacted organizations of all types and sizes. The scale and scope of these attacks have continued to grow and have far-reaching consequences. Despite current agency attempts to strengthen cybersecurity through regulation, individual users continue to pose a serious threat due to insufficient security education.