update what s happening in the cybersecurity world
play

Update: Whats happening in the cybersecurity world NYPWA January - PDF document

Apr 25, 2023 •218 likes •386 views

12/3/2018 Protecting Our Clients A guided discussion on privacy, security, confidentiality and compliance NYPWA January 2019 NYPWA January 2019 2 Update: Whats happening in the cybersecurity world NYPWA January 2019 3 1 12/3/2018

  1. 12/3/2018 Protecting Our Clients A guided discussion on privacy, security, confidentiality and compliance NYPWA January 2019 NYPWA January 2019 2 Update: What’s happening in the cybersecurity world NYPWA January 2019 3 1

  2. 12/3/2018 NYPWA January 2019 4 NYPWA January 2019 5 Internet of Things – IoT Connecting any device with a network • Cell phones • Televisions • Amazon Echo/Amazon • Heating/cooling systems Dot “Nest” • Appliances • Nanny cams • Pacemakers/implanted • Kids toys medical devices • Home security systems • Cars • Voice Queuing Systems NYPWA January 2019 6 IoT leads to increased vulnerability “The attackers used (the thermometer) to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud.” – April, 2018 https://www.businessinsider.com/hackers-stole-a-casinos-database-through-a- thermometer-in-the-lobby-fish-tank-2018-4 2

  3. 12/3/2018 NYPWA January 2019 7 Cyber Security Breaches Not limited to “hackers” “When questioned by officials…the boy said he had acted alone and that he was only trying to see what he could do with the apps.” – November, 2018 http://www.govtech.com/security/Student-Behind-Illinois-High-School-Hack.html NYPWA January 2019 8 Recent Cyber Security Breaches Yahoo – Update “Yahoo’s failure to have controls and procedures in place to assess its cyber-disclosure obligations ended up leaving its investors totally in the dark about a massive data breach.” – April, 2018 https://www.law.com/therecorder/2018/04/24/sec-wallops-yahoo-with-35m-penalty-over- breach-disclosures-or-lack-thereof/ NYPWA January 2019 9 Recent Cyber Security Breaches Equifax – Update Five key factors contributed: Ineffective Identification Poor Detection No Segmentation, Poor Data Governance No Query Limits - September, 2018 https://www.bankinfosecurity.com/postmortem-behind-equifax-breach-multiple-failures-a-11480 3

  4. 12/3/2018 NYPWA January 2019 10 Security Breaches Impact on Government NYPWA January 2019 11 Legal updates NYPWA January 2019 12 Recent Legal Cases Carpenter v. United States – background • Supreme Court heard oral arguments on November 29, 2017 • Cell phone records connecting phone with towers in vicinity of crime introduced as evidence • Defendant convicted and sentenced to 116 years in prison • Question raised: is this protected information? Or does the third party doctrine apply? 4

  5. 12/3/2018 NYPWA January 2019 13 Recent Legal Cases Carpenter v. United States – decision https://www.supremecourt.gov/opinions/17pdf/16-402_h315.pdf • Government’s acquisition of Carpenter’s cell-site records was a Fourth Amendment search – Fourth Amendment protects certain expectations of privacy in addition to property interests • Digital Data – personal location info held by a third party – does not fit in existing precedents – Expectation of privacy in physical location and movements – Expectation of privacy in information voluntarily turned over to third parties NYPWA January 2019 14 Recent Legal Cases Carpenter v. United States – decision • Court cited Riley v. California – “Cell records hold for many Americans ‘the privacies of life’” • Court adopts rule “must take account of more sophisticated systems that are already in use or in development” from Kyllo v. United States • However, court stated this is a narrow ruling, and does not address issues not before the Court NYPWA January 2019 15 Recent Legal Cases Apps making it to the court (not the food variety) Knight First Amendment Institute v. Trump US District Court – Southern District of NY • At issue: President Trump’s Twitter Account in relation to the 1 st Amendment – Whether a public official can “block” a person from his/her Twitter account in response to the political views the person has expressed – Does the analysis differ because the public official is the President of the United States • Court held no in both instances 5

  6. 12/3/2018 NYPWA January 2019 16 Recent Legal Cases Cullinane v. Uber Technologies, Inc. – Conspicuous informing of Terms and Conditions • No click box to accept, instead display a notice of deemed acquiescence and link to the terms • “If everything on the screen is written with conspicuous features, then nothing is conspicuous.” • Transactions on smartphones and websites increasing, evolving law around those transactions NYPWA January 2019 17 Recent Legal Cases Applebaum v. Lyft • Several different types of online consumer contracts – Browsewrap, clickwrap, scrollwrap, sign-in-wrap • “Whether there was notice of the existence of additional contract terms presented on a webpage depends heavily on whether the design and content of that webpage rendered the existence of terms reasonably conspicuous.” NYPWA January 2019 18 Recent Legal Cases State of New Hampshire v. Verrill • Murder case, Amazon Echo at crime scene owned by the victim • Judge signed order for Amazon to provide authorities with recordings during time when crime allegedly occurred • Similarities to Bates case – however, that case was not decided by courts because defendant consented to release of information • Probable cause and privacy rights at issue 6

  7. 12/3/2018 NYPWA January 2019 19 Remember our Ethical Obligations NYPWA January 2019 20 NYS Rule 1.1 http://www.nycourts.gov/rules/jointappellate/ny-rules-prof-conduct-1200.pdf A lawyer should provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation. NYPWA January 2019 21 NYS Rule 1.1 Clarification Comment 8 To maintain the requisite knowledge and skill, a lawyer should (i) keep abreast of changes in substantive and procedural law relevant to the lawyer’s practice, (ii) keep abreast of the benefits and risks associated with technology the lawyer uses to provide services to clients or to store or transmit confidential information , and (iii) engage in continuing study and education and comply with all applicable and continuing legal education requirements under 22 N.Y.C.R.R. Part 1500. (emphasis added) https://www.nysba.org/DownloadAsset.aspx?id=50671 7

  8. 12/3/2018 NYPWA January 2019 22 ABA Model Rule 1.1 mirrors NY ABA Commission on Ethics 20/20 In order to provide competent representation in a digital age attorneys must understand and properly use technology. For example, an attorney should know how to properly use email and create an electronic document and know the benefits and risks associated with technology. ABA Commission on Ethics 20/20 Report 105A (Aug. 2012) https://www.americanbar.org/content/dam/aba/administrative/ethics_2020/20120808_revi sed_resolution_105a_as_amended.authcheckdam.pdf NYPWA January 2019 23 Legaltech News Article from October, 2018 • 32 States require technology competence of lawyers • Some states adding a CLE requirement around technology • Need to work with professionals to assist in becoming competent if not able to understand on own NYPWA January 2019 24 Tech Competency Asked to Demonstrate Computer Skills, 0 of 9 law firms passed in-house hiring test • Corporate counsel for Kia Motors gave a computer skills test to potential law firm hires • Audit should have taken one hour, but average pace was five hours • Excel, PDF, Bates numbering, Word were all tested • Competence can range from using MS Word to complex e-discovery software 8

  9. 12/3/2018 NYPWA January 2019 25 Lawyer's e-discovery error led to release of confidential info on thousands of Wells Fargo clients - 2017 • Vendor conducting e-discovery, attorney oversaw and checked the responsive documents using the vendor’s software • View only allowed a limited set of documents, not the entire response, and documents that were supposed to be redacted were not • Information turned over to opposing counsel included confidential information of at least 50,000 of the banks wealthiest clients – Social security numbers – Financial details, including size of portfolios http://www.abajournal.com/news/article/lawyers_e_discovery_error_led_to_release_of_confidential_wells_fargo_client/ NYPWA January 2019 26 Guided Discussion: Securing Public Data NYPWA January 2019 27 Security, Compliance, and Legal Obligations • Security: Protecting the confidentiality, integrity, and availability of the data • Compliance: What is required by federal or state laws, rules, regulations, or policy • Legal Obligations: What is required by federal, state or local law or regulation 9

  10. 12/3/2018 NYPWA January 2019 28 Three Key Principles in Information Security Confidentiality Availability Integrity NYPWA January 2019 29 Confidentiality • Limiting access to only authorized users • Preventing access by unauthorized users • Preventing impermissible disclosure, whether accessed by authorized or unauthorized individuals • Permitting access only where the specific job responsibilities cannot be accomplished without such access • Enforcing a “Need-to-know” basis NYPWA January 2019 30 Availability • Focusing on ensuring the availability of information resources at all times • Working to ensure that hardware and software are protected so that they will not be compromised by viruses or malware, and thus, become unavailable 10

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

An Update from Washington: Whats Happening in the World of Cyber Security and Critical

An Update from Washington: Whats Happening in the World of Cyber Security and Critical

Homeland Security Advanced Research Projects Agency An Update from Washington: Whats Happening in the World of Cyber Security and Critical Infrastructure Douglas Maughan Division Director November 12, 2014 http://www.dhs.gov/cyber-research

489 views • 31 slides
Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical Facilities Local Government Schools Law Enforcement Media Outlets The threat and how to think about it Ransomware has rapidly emerged as the most

398 views • 15 slides
CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

GIUSEPPE ATENIESE FARBER CHAIR AND CS DEPT CHAIR CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE According to insurance company Lloyds, cyberattacks cost businesses $400 billion a year A

123 views • 9 slides
Implementing Consequence-Driven Cybersecurity with Continuous ICS Monitoring & Threat Modeling

Implementing Consequence-Driven Cybersecurity with Continuous ICS Monitoring & Threat Modeling

Implementing Consequence-Driven Cybersecurity with Continuous ICS Monitoring & Threat Modeling Phil Neray, VP of Industrial Cybersecurity Agenda NotPetya: How a Single Piece of Code Crashed the World (Wired) VPNFilter Update

610 views • 24 slides
GLOBAL PRIVACY & CYBERSECURITY UPDATE View PDF | Forward | Subscribe | Subscribe to RSS |

GLOBAL PRIVACY & CYBERSECURITY UPDATE View PDF | Forward | Subscribe | Subscribe to RSS |

Global Privacy & Cybersecurity Update Issue 21 | February 2019 Jones Day GLOBAL PRIVACY & CYBERSECURITY UPDATE View PDF | Forward | Subscribe | Subscribe to RSS | Related Publications United States | Latin America | Europe | Asia |

257 views • 15 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
In Industry ry Update December 2016 Industry Update Whats been happening Whats

In Industry ry Update December 2016 Industry Update Whats been happening Whats

Hawkes Bay Tourism In Industry ry Update December 2016 Industry Update Whats been happening Whats going to happen What you need to know Industry Tinder Session Christmas drinks! What are the stats telling us?

611 views • 50 slides
Cybersecurity Update Dale Marroquin, CISSP Information Security Officer San Antonio Federal

Cybersecurity Update Dale Marroquin, CISSP Information Security Officer San Antonio Federal

Cybersecurity Update Dale Marroquin, CISSP Information Security Officer San Antonio Federal Credit Union Topics Cybersecurity news and headlines What are the threats and targets? Hackers and malware Email - Phishing

854 views • 50 slides
The Perfect Storm: what is happening to the World ? 12 th November 2013 Imperial College

The Perfect Storm: what is happening to the World ? 12 th November 2013 Imperial College

The Perfect Storm: what is happening to the World ? 12 th November 2013 Imperial College Professor Sir John Beddington Oxford Martin School, Oxford University Global food security warnings were highlighted early in 2008 High-Level Conference

919 views • 45 slides
Today What is happening in the produce world right now? Cost per serving assessment

Today What is happening in the produce world right now? Cost per serving assessment

12/4/2018 Focus on Cost Per Serving 1 Today What is happening in the produce world right now? Cost per serving assessment Calendar for the year and menu planning 2 1 12/4/2018 Food Safety Second major outbreak of E.coli in 9

407 views • 11 slides
The pace of change is accelerating Today What is happening Why its happening What is predicted

The pace of change is accelerating Today What is happening Why its happening What is predicted

The pace of change is accelerating Today What is happening Why its happening What is predicted What that means Skills in need One example What is happening artificial intelligence (Computer systems that exhibit human-like intelligence)

576 views • 45 slides
Cybersecurity Update: Latest Impacts on Aerospace & Defense Presented d by: Brandon Gunter

Cybersecurity Update: Latest Impacts on Aerospace & Defense Presented d by: Brandon Gunter

The Aerospace & Defense Forum Arizona Chapter March 9, 2017 Cybersecurity Update: Latest Impacts on Aerospace & Defense Presented d by: Brandon Gunter Senior Manager, Cybersecurity Services Brandon.Gunter@mossadams.com (206)

255 views • 11 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
An Update from Washington Cybersecurity / R&D Douglas Maughan, Ph.D. Division Director

An Update from Washington Cybersecurity / R&D Douglas Maughan, Ph.D. Division Director

Homeland Security Advanced Research Projects Agency An Update from Washington Cybersecurity / R&D Douglas Maughan, Ph.D. Division Director October 30, 2012 http://www.cyber.st.dhs.gov Environment: Greater Use of Technology, More

572 views • 29 slides
Its Happening Here Toni M. Ganzel, M.D. M.B.A. Interim Dean, School of Medicine Professor of

Its Happening Here Toni M. Ganzel, M.D. M.B.A. Interim Dean, School of Medicine Professor of

UofL School of Medicine Its Happening Here Toni M. Ganzel, M.D. M.B.A. Interim Dean, School of Medicine Professor of Otolaryngology UofL School of Medicine Its Happening Here Whats Happening at the SOM Exceptional Education World

244 views • 13 slides
Fresh is Everything Produce and Seasonal Trends Today What is happening in the produce

Fresh is Everything Produce and Seasonal Trends Today What is happening in the produce

Fresh is Everything Produce and Seasonal Trends Today What is happening in the produce world right now? Calendar for the year and menu planning Affordable seasonal produce; Fun and creative Ideas Questions The Produce World

580 views • 28 slides
Vesna Janic - Overview of Medical Devices Regulations and

Vesna Janic - Overview of Medical Devices Regulations and

Vesna Janic - Overview of Medical Devices Regulations and Standards- March 6, 2017 StarFish Medical, as a medical device contract design & development

146 views • 3 slides
I mpla nta b le Ne ura l Se nso rs fo r Bra in-Ma c hine I nte rfa c e Graduate School of

I mpla nta b le Ne ura l Se nso rs fo r Bra in-Ma c hine I nte rfa c e Graduate School of

The 16 th Annual Korea-US Nano Forum @ UCSD September 23-24, 2019 I mpla nta b le Ne ura l Se nso rs fo r Bra in-Ma c hine I nte rfa c e Graduate School of Convergence Science and Technology/ Seoul National University Yoon-Kyu Song

398 views • 18 slides
Study overview the workshop in context Simon Saunders, Real Wireless 1 Overview Study

Study overview the workshop in context Simon Saunders, Real Wireless 1 Overview Study

Study overview the workshop in context Simon Saunders, Real Wireless 1 Overview Study context and objectives Methodology LE bands, applications and devices Scope Approach Initial outcomes 2 Study context Key

443 views • 19 slides
Biohacking Hannes Sjblad @hsjob Quantified self DIY Biology The Biohacker movement Health

Biohacking Hannes Sjblad @hsjob Quantified self DIY Biology The Biohacker movement Health

Biohacking Hannes Sjblad @hsjob Quantified self DIY Biology The Biohacker movement Health and Body fitness modification Smaller, cheaper and more powerful 1950s 1980s 2010s Still Awaiting Dematerialisation NFC Chip implants : A great

408 views • 16 slides
High Reliability and Robust Process Improvement Mark R. Chassin, MD, FACP, MPP, MPH President

High Reliability and Robust Process Improvement Mark R. Chassin, MD, FACP, MPP, MPH President

High Reliability and Robust Process Improvement Mark R. Chassin, MD, FACP, MPP, MPH President and CEO, The Joint Commission July 26, 2016 3000 patients over 6 years 1 2 Current State of Quality Routine safety processes fail routinely

634 views • 26 slides
Nom omCom2 I Implem emen entation P Planning Team - Presen esentation t to c ccN cNSO

Nom omCom2 I Implem emen entation P Planning Team - Presen esentation t to c ccN cNSO

Nom omCom2 I Implem emen entation P Planning Team - Presen esentation t to c ccN cNSO Tom Ba Barrett, I IPT Co Co-Chair Cheryl L l Lan angdon-Orr rr, IPT Co Co-Chair Multistakeholder Strategy and Strategic Initiatives 23 October

811 views • 32 slides
Budget VISITS Screening Visit 120 Baseline 750 2 week Baseline eDiary 550 Anesthetic

Budget VISITS Screening Visit 120 Baseline 750 2 week Baseline eDiary 550 Anesthetic

Budget VISITS Screening Visit 120 Baseline 750 2 week Baseline eDiary 550 Anesthetic Injection 769 2 week post op 120 Month 3 280 Month 6 500 Month 9 120 Month 12 500 Long Term Follow up 120 Programming Adjustment 3 Visits

307 views • 8 slides
Sowing the SEEDs of Expanded Contraceptive Choice: Using a Holistic Framework to Strengthen the

Sowing the SEEDs of Expanded Contraceptive Choice: Using a Holistic Framework to Strengthen the

Sowing the SEEDs of Expanded Contraceptive Choice: Using a Holistic Framework to Strengthen the Capacity of 3 IPPF Member Associations in West Africa John Yanulis & Ashley Jackson International Conference on Family Planning, Addis Ababa,

423 views • 17 slides

More recommend