Business Cyber Risk

GCs and CISOs Should be Preparing for the Avalanche of State Data Privacy Laws General Counsels (GCs) and Chief Information Security Officers (CISOs) should pay close attention to the growing wave of state-level data privacy legislation sweeping the U.S. With at least seven s…

The first episode of my new podcast is out: GC+CISOconnection!

The GC+CISO Connection The GC+CISO Connection Show explores how we can better foster collaboration between organizations’ legal departments and security teams, with a focus on the ...

Many thanks to SecureWorld for including my thoughts in this article.

Halliburton Confirms Network Disruption After Suspected Cyber Attack Halliburton, one of the world’s leading oilfield service companies, confirms corporate network impacts likely caused by an unspecified cyberattack.

Shawn Tuma, cyber attorney at Spencer Fane, will present May 18 at SecureWorld Houston on why strategic leadership and an understanding of roles, personalities, and psychology is important for building effective cybersecurity teams. See the conference agenda and register here: https://hubs.li/Q01Nrn6D0

SecureWorld returns to Houston on May 18th to host the cybersecurity community for a full day of learning, networking, and growth. See the conference agenda and register today! https://hubs.li/Q01JT04N0

Following the outstanding SecureWorld Boston event, my friends at SecureWorld shared Highlights and Insights from SecureWorld Boston 2023 and were kind enough to include a few quotes from my lunch keynote -- let me know what you think and please offer your perspective on these ideas: The final keynote session was given by Shawn Tuma, Co-Chair of the Data Privacy & Cybersecurity Practice at Spencer Fane LLP....

A few quotes from my keynote at SecureWorld Boston Following the outstanding SecureWorld Boston event, my friends at SecureWorld shared Highlights and Insights from SecureWorld Boston 2023 and were kind enough to include a few quotes from my lunch …

On Tuesday, March 28, 2023, I will be teaching a class on Real-World Cyber Risk Management and Resilience Planning as part of Enterprise Bank & Trust’s education program for business leaders and professionals! Join me for this course, and take a look at all of the live, virtual courses available at no cost to you this spring:

Join me and #EnterpriseUniversity for Real-World Cyber Risk Management and Resilience Planning on March 28, 2023! On Tuesday, March 28, 2023, I will be teaching a class on Real-World Cyber Risk Management and Resilience Planning as part of Enterprise Bank & Trust’s education program f…

On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage the NIST Cybersecurity Framework. This Guide is not only a must-read for all healthcare "covered entities," especially small and midsize organizations, but it is excellent advice for all organizations -- healthcare and non-healthcare alike as it demonstrates practical implementation and use of the NIST Cybersecurity Framework.

HHS Releases HPH Sector Cybersecurity Framework Implementation Guide to Help Healthcare Organizations Leverage NIST Cybersecurity Framework On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage t…

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) routinely release a Joint Cybersecurity Advisory (CSA) as part of an ongoing effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. On March 16, 2023, they released the following Joint Cybersecurity Advisory…...

FBI, CISA, MS-ISAC Joint Cybersecurity Advisory – #StopRansomware: LockBit 3.0 The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) routinely release a J…

I am super excited to share that next week I will be headed to Boston to speak at one of my absolute favorite conferences each year -- the United States' preeminent cybersecurity conference -- SecureWorld! On Thursday, March 23, 2023, I will present the lunch keynote on Cybersecurity Really Is a Team Sport, since folks apparently did not get the message the last time I spoke on this subject in 2019 (...

shawnetuma.com

"The devil is in the details" -- that about sums up my take on the White House Cybersecurity Plan. Many thanks to Lily Newman for including this and some other points from our discussion in her Wired article The High-Stakes Blame Game in the White House Cybersecurity Plan. I appreciate that the Administration is talking about cybersecurity. Just like in a company, if you want to create a culture of cybersecurity here in America, we have to start talking more about cybersecurity and it works best if the leaders at the top are engaged in the discussion....

The White House Cybersecurity Plan – the Devil is in the Details “The devil is in the details” — that about sums up my take on the White House Cybersecurity Plan. Many thanks to Lily Newman for including this and some other points from our disc…

I am super excited to share that next week I will be headed to Charlotte, North Carolina to speak at one of my absolute favorite conferences each year -- the United States' preeminent cybersecurity conference -- SecureWorld! On Wednesday, March 1, 2023, I will be leading a full day workshop for SecureWorld Plus registrants on Real-World Cyber Risk Management and Resilience Planning…...

Charlotte, NC Area Friends – Join me at SecureWorld Charlotte on March 1 & 2! I am super excited to share that next week I will be headed to Charlotte, North Carolina to speak at one of my absolute favorite conferences each year — the United States’ preeminent cy…