Mark Rasch

Cyber Law Editor

Security Current


Auto Roboticism

Posted on: 09 Feb 2015

On 60 Minutes last night, Lesley Stahl was shocked, shocked to see that modern automobiles collected vast amounts of information about their owners and drivers, had myriad sensors to collect information and allow remote access to that information, and had little if any security either for the sensors or the data collected. Also shocking is the…

The Anthem Hack – Part Deux – What Anthem Did Right (and Wrong)

Posted on: 06 Feb 2015

In the wake of every hack (and every second and one yard in the Super Bowl) there is a stream of criticism from Monday morning quarterbacks about what should have been done.  (Handoff to Marshawn Lynch, maybe?) But in many ways, Anthem Blue Cross did the best they could, considering the situation. There are several things you…

Anthem Blue Cross – The Five Stages of Hack Response

Posted on: 05 Feb 2015

This week it was Anthem Blue Cross’s time. The health insurance giant disclosed a massive hack, which compromised records for as many as 80 million people.  This included identity information, provider information and financial information, as well as sensitive information like SSNs.  To their credit, they found the breach themselves and reported it quickly and…

The CISO’s Guide to Getting Stuff Done

Posted on: 02 Feb 2015

Let’s face it.  You know what you have to do.  You have a 30-day plan.  A 90-day plan.  A one-year plan.  A five-year plan.  You have spreadsheets, budgets, and PowerPoints. What you DON’T have is management commitment, budget, resources or even the ear of the right people to get done what you need to get…

Crowdsourcing Invasions of Privacy

Posted on: 29 Jan 2015

The Wall Street Journal recently reported that the United States government is creating a massive database of records culled from license plate scanners, and making this database available to law enforcement and other agencies. The WSJ article was specifically about a database created by the Drug Enforcement Administration, but thousands of other agencies and departments collect,…

What Keeps CISO’s Up At Night

Posted on: 28 Jan 2015

Every CISO is one data breach from being fired.  Or one disruptive DDoS attack.  Or one theft of information. Or one bad audit result.  Or one compliance investigation.  Or one letter from the Federal Trade Commission or other regulator.  Or one loss of a CEO or Board of Directors member’s personal data. It only takes…

In the Year 2525 – HoloLens, Google Glass and the Future of Privacy

Posted on: 23 Jan 2015

In privacy and security circles, we typically think about threats and trends in the order of months or even years.  We tend to forget that we are still very much in the nascent stages of the use of information technology, and that the decisions we make today – or fail to make today – can…

NY State of Mind — Attorney General Proposes New Cybersecurity Rules

Posted on: 16 Jan 2015

Seems like everyone is getting into the cybersecurity act.  Happy Cybersecurity week. New York State Attorney General Eric Schneiderman has announced that he is proposing legislation that will require “unprecedented safeguards” for a wide variety of personal data, and make New York laws the strongest in the nation.  Take that, Massachusetts and California! The proposed law would…

Inside the Sausage Factory – The President’s Cybersecurity Legal Proposals

Posted on: 15 Jan 2015

American Poet John Godfrey Saxe is quoted as saying, “Laws, like sausages, cease to inspire respect in proportion as we know how they are made.” Well, it’s sausage-making time here in the Nation’s Capital, and it isn’t pretty.  Especially for cybersecurity. That’s because, in their haste and desire to “do something” lawmakers often pass laws…

It’s Cybersecurity Week — Obama Announces Cybersecurity Initiatives

Posted on: 13 Jan 2015

In the wake of the most recent attack on [insert name of entity] the White House has announced a new initiative to finally tackle the problem of cybersecurity.  It’s a wake-up call. It’s like déjà vu all over again.  Or more like Charlie Brown and Lucy.  The problem isn’t a lack of intention.  It’s…