A study recently revealed that nearly 25% of data breaches involve phishing, and it is the second most frequent data security threat companies face. Phishing is an enormous problem, and it is getting worse. In a staggering statistic, on average, a company with 10,000 employees will spend $3.7 million per year handling phishing attacks.
by Daniel J. Solove Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) publicized its resolution agreement in its HIPAA enforcement action against St. Elizabeth’s Medical Center (SEMC). SEMC agreed to pay $218,000. The case began with a complaint filed with OCR back in 2012 that employees […]
by Daniel J. Solove I’ve really been enjoying the new TV series Mr. Robot on USA. Network. It presents highly-engaging depictions of hacking and social engineering, and it is great entertainment for privacy and security geeks. The protagonist is Elliot Alderson (played by Rami Malek), a tech who works at a cybersecurity firm in New York City. […]
by Daniel J. Solove There are certainly many hackers with sophisticated technical skills and potent malicious technologies. These threats can seem akin to Leviathan — all powerful and insurmountable. It can be easy to get caught up focusing on the Leviathan and miss the low-hanging fruit of cybersecurity. This low-hanging fruit consists of rather simple […]
by Daniel J. Solove A few days ago, I posted about how boards of directors must grapple with privacy and cybersecurity. Today, I came across a survey by NYSE Governance Services and Vericode of 200 directors in various industries. According to the survey, about two-thirds of directors are less than confident about their company’s cybersecurity. […]
by Daniel J. Solove I have created a new resource page for the TeachPrivacy website: Privacy and Security Training Requirements.
by Daniel J. Solove Although we are seeing increasingly more sophisticated attempts at phishing, it appears as though many phishers still haven’t been able to get their hands on a program with spell check. Why are we still seeing the $10 million lottery winning emails? Or the long lost relative of yours living in Fiji […]
By Daniel J. Solove A recent study by TeleSign revealed that many people engage in some troublesome password practices. Some of the most alarming findings from the report include: — 73% of accounts use duplicate passwords. — Nearly half of consumers have a password they haven’t changed in 5+ years — “Consumers have an average […]
By Daniel J. Solove Law firms are facing grave privacy and security risks. Although a number of firms are taking steps to address these risks, the industry as a whole needs to grasp the severity of the risk. For firms, privacy and security risks can be significantly higher than for other organizations. Incidents can be […]
By Daniel J. Solove Once upon a time, there was a teacher who wanted to train people. At first, the teacher stated a list of things to do and not do. But this had little effect. The teacher was upset and started to doubt whether he could ever get through to people. But then […]