3D Printing: A Cybersecurity Concern

Additive manufacturing, more commonly known as 3D printing, is a process of making three-dimensional solid objects from a digital model. Additive manufacturing is already used in a number of critical fields, such as medicine, aerospace, civil engineering, and industrial manufacturing. 3D printers are often internet-connected, and increasingly open-sourced. And because of that, you can virtually 3d print pretty much anything through a 3d printing service. Confidentiality and privacy concerns are the most direct consequence of a data breach involving a 3D printer. This could… Continue Reading

Facebook Moves to Dismiss Derivative Action Arising Out of Cambridge Analytica Scandal

On September 28, 2018, Facebook and its board of directors moved to dismiss a derivative action filed by Karen Sbriglio, a Facebook investor, alleging breach of a fiduciary duty.  The lawsuit, filed after revelations of the Cambridge Analytica scandal, claims the failure of Facebook’s leadership and governance in permitting the misappropriation of Facebook users’ data subjected it to public scrutiny, billions of dollars of lost market value, and significant fines and costs.  The basis of Facebook’s motion was that the company’s board, rather than… Continue Reading

Long-struggling ‘Google Plus’ Social Network to be Shutdown after Security Breach Affects 500,000

On Monday, October 8, 2018 Google disclosed a security breach it discovered months ago that put at risk the personal data of hundreds of thousands of Google Plus users. In March, Google discovered, and fixed, the bug that allowed outside software developers to gain access to personal information on Google Plus users, including names, email addresses, ages, occupations and relationship status. The company’s decision to not immediately report the software bug has some concerned that Google cannot be relied on to protect privacy. Google… Continue Reading

The End of the Password: The Future of Company Security

At Microsoft Ignite 2018, an annual conference for developers and IT professionals, heavily emphasized its system’s security improvements. In the spotlight, Microsoft focused on its movement away from a password usage system through the Authenticator app. The Microsoft Authenticator app works by utilizing an addition factor, such as a fingerprint, PIN, or facial biometric, allowing administrators to default to the Microsoft Authenticator app first, rather than asking for a password. During the conference, Microsoft indicated that passwords are a “short-term game” as most security… Continue Reading

SEC’s First Cybersecurity Enforcement Has Many Lessons

The Securities and Exchange Commission recently announced its first ever cyber-related enforcement action in a case that all companies should look at as a refresher on cybersecurity hygiene. In the Matter of Voya Financial Advisors, Inc. was brought against the publicly traded company that manages over $500 billion after a security breach through several of its brokers acting as independent contractors for the company. These brokers typically accessed Voya clients’ PII through a password protected web portal while using their own IT equipment and networks.… Continue Reading

Congress Continues to Grapple with Election Interference

The Secure Elections Act may be back on the table once again. The bipartisan bill was introduced “to protect the administration of Federal elections against cybersecurity Threats.” In large part, the bill was intended to combat concerns that Russia and other state and private actors could exploit vulnerabilities in backend election systems, including voter registration databases, ballot creation systems, election voting services, voting machine configuration systems, absentee processing and reporting and tabulation software. The bill’s sponsors hope to pass a version of the… Continue Reading

Cyber Survey Underscores Perspective of In-House Lawyers

In May, the Association of Corporate Counsel (ACC) Foundation released its “State of Cybersecurity Report: An In-House Perspective,” This report conveys the results of the organization’s far-ranging survey on this topic. In addition to the statistics elicited from 617 in-house lawyers (based in 33 countries), the report also includes many comments from the respondents. This report is full of interesting statistics.  Some of the highlights include:
  • One in three respondents indicated that either their current company or a previous employer had experienced a
Continue Reading

Why Not Cyberinsurance?

A July 2018 Market Watch Survey by the Council of Insurance Agent & Brokers revealed that only 32 percent of respondents purchased some form of cyber coverage in the past six months. And, 70 percent of U.S. healthcare firms have elected against carrying cyberinsurance. Incredible, right? With reports that cyberattacks affect businesses of all types, sizes, geographies, and industries, no business should prepare to shoulder the entire load should it suffer a breach.This is especially so, as evidence mounts that hackers can cause property Continue Reading

Embracing Data Security Can Avoid Penalties, and Gain Consumer Trust

The European Union’s (EU) General Data Protection Regulation (GDPR) is now in force, governing data protection and privacy for all individuals within the EU. Attorneys in Goldberg Segalla’s Cybersecurity and Data Privacy Group compiled a white paper to answer frequently asked questions and offer practical guidance related to the GDPR, which can be found here. Multinational firms based in the US with a presence in the EU, including restaurant chains, have (or should have) implemented policies to comply with the GDPR, and avoid the… Continue Reading

It’s OK to Cry Over Spilled Credentials

From a young age, we are taught not to cry over spilled milk. We inevitably come to learn that this euphemism is generally intended to have a broader application than dairy beverages, and also learn that crying is sometimes an acceptable response so long as it is followed by a corrective action. It follows that spilled credentials may warrant some tears, but a recent study by Shape Security suggests that there currently is no comprehensive solution to address this problem. We are not to suggesting… Continue Reading