Month: October 2019

If the cybersecurity industry had a catchphrase, it would have to something to the effect that, “It’s not a question of if you will be breached, it’s just a question of when.” Basically a truism, it is a reminder that you and your company need to get prepared. Why you ask? We already have antivirus, firewalls, and backups. Because there is so much more to it than antivirus, firewalls, and backups. There are hundreds of other aspects of cybersecurity you need to be concerned with–check out this article from Forbes that explains why your custodial staff is an important part of your breach strategy.

This article at HelpNetSecurity talks about the approaches to cybersecurity differ according to age. While there will always be generational differences, this is a good reminder that there are going to be different ways of getting to the same goal. Some will inhibit productivity in exchange for higher security, others will do the opposite. It is important to keep that in mind as you implement security at your organization.

While it seems the privacy world is all abuzz over GDPR and CCPA, there are still others efforts under way around the country to change the way privacy is handled in the USA. Some of those efforts are making small changes piece by piece while others are looking to make a bigger change. One of the latter is the Mind Your Own Business Act that was introduced in the Senate yesterday. Check out this article at the Verge for more details. While this is by no means the only privacy bill pending in Congress, it is certainly the latest and has a catchy name. Will a bill that would give you more control over your data and threaten companies with fines and their executives with jail time make it into law? Stay tuned….

The CCPA is a fluid situation at the moment. As we get closer to it taking effect, we are seeing adjustments made by legislative amendments and regulations issued by the AG. Here’s an article I wrote with Jeff Dennis on AB 1146 which modifies the CCPA to make it clear that businesses can still keep information to honor warranties.

The IRS issued new guidance this week on the taxation of cryptocurrencies. You can view the IRS’ FAQ page here. The main takeaway is that the IRS has not changed its position on treating cryptocurrency as property for tax purposes. This means you need to keep track when you buy, receive, sell, or gift cryptocurrency so you can report short-term or long-term capital gains.

Working with my colleague Jeff Dennis, we recently wrote an article about what California businesses need to know about Nevada’s new privacy law. Whether you are a business owner or a consumer you will start seeing more laws across the globe that will affect you do business or even how you go about life. These new laws will let you protect your privacy and hopefully cut down on targeted advertising in the form of spam and unwanted phone calls, but it will definitely change the way things have been done. Keep your eyes and ears pealed for updates that affect you.

As reported in this BBC article, three hospitals in Alabama were forced to close their doors to all but the most-critical new patients due to a ransomware event. After a cyber attack in Australia, a hospital had to find a scrap of paper before they could perform a medical procedure on a boy with cerebral palsy. The boy’s mom couldn’t even phone the hospital to confirm the appointment. Think about that for a moment–a facility that could be responsible for whether you live or die is shut down or essentially rendered ineffective by a breach. And this only scratches the surface of the stories. We don’t know how the breaches happened, what controls the hospitals had in place, and/or whether there were reliable backups in place. I think ransomware attacks on hospitals are one of the nightmare cases for cybersecurity. Unfortunately, it looks like this is a growing problem that should serve as a reminder about how important cybersecurity is to society.