Author: Edward Dunham

In this day of rampant hacking, coordinated cyber security is an absolute must.  Recognizing the importance of an organized effort, the Democratic National Committee (DNC) unveiled an updated cyber security checklist earlier this year designed to thwart continued attempts to hack their systems during the election cycle.  Although more of a consumer-level checklist, the list is practical guidance for any company or organization looking to promote enhanced cyber security, regardless of political affiliations or inclination.

According to The Hill, concerns over cyberattacks have been a priority for political groups in recent years, particularly after the 2016 hack of the DNC that resulted in the release of sensitive emails ahead of that year’s presidential election. This new version of the checklist comes as political groups gear up for the 2020 presidential election amid concerns they could face cyberattacks from U.S. adversaries.

The DNC Device and Account Security Checklist includes the following guidance on securing your devices:

  • Keep your laptops, phones and tablets, as well as the applications on them, updated. For example, most operating system updates contain numerous security updates. Adversaries frequently take advantage of devices that have not been updated recently. Always apply your updates as soon as they come out!
  • Laptop disk encryption. Encrypting your laptop can keep your data safe even when it is lost or stolen. Disk encryption is easy to enable and does not take much time.
  • Web encryption. Some websites do not properly enable encryption for all connections. Luckily, there is something you can do to make sure your internet connections are secure.  In your web browser, you should install the HTTPS Everywhere extension.  HTTPS Everywhere is a Firefox, Chrome and Opera extension that strengthens the encryption between your device and major websites.
  • Secure your mobile phones and tablets. Some phone carriers allow you to set a login PIN.  If your carrier supports this feature, you should enable the feature because having a pin makes it harder for attackers to take over your account.  Even if they guess your name and password, they will still need to obtain the PIN to access your account.

The DNC’s checklist is exactly that: a list of steps to complete and then check off.  At Spector Gadon Rosen Vinci P.C., we provide IT and non-IT assessment and remediation through our Cyber Exposure Analysis process.  Our advanced algorithms enable us to issue a cost-effective, attorney-client privileged report in short order and enables informed cyber risk management decision-making as to whether to fix or transfer by way of insurance specific risks.  To learn more about developing a comprehensive strategy for remediation, contact Edward M. Dunham, Jr., Chair, Cyber Security Group, at (215) 241-8802, or edunham@sgrvlaw.com.

0

By every measure, the incident rates of cyber-attacks and confidential information disclosure across all businesses are increasing exponentially. Spector Gadon & Rosen, P.C. emphasizes pre-breach services to assist our clients in preventing breaches in the first place. Because breaches are costly, intrusive and not going away, we developed the Cyber Exposure Analysis process (CEA) to combat cyber exposures head-on. CEA is straightforward, easy to use and generates a detailed cyber risk exposure profile report based on information furnished by our clients in CEA’s assessment survey.

CEA addresses the issues that keep CEOs, General Counsel and Risk Managers awake at night by targeting the major cyber-risk areas including:

  • Breach of privacy claims, including non-consensual, misuse and misappropriation of personal data, identity theft and contravention of international privacy laws applicable to online businesses
  • Contractual exposures inherent in the use of cloud computing
  • Copyright, patent and trademark infringement claims
  • The advantages and risks associated with the use of social media in an organization
  • Non-Compliance with local, state, federal and foreign regulations pertaining to the safeguarding of privacy information
  • Liability arising from systems failures and outages, viruses, worms and data corruption, hacking and other vulnerabilities in online offerings
  • Trade secret protection, including questions of encryption, e-mail, extraordinary intercept measures, social media, discussion groups and Internet acquisition and distribution of trade secrets.

In the CEA process, we process the clients’ information feedback and issue a report that includes detailed responses to the clients’ answers, exposure evaluations keyed to the individual responses in the areas surveyed, graphical comparisons of the exposure areas surveyed, remediation check lists and an executive summary. Our proprietary algorithm-based technology makes possible the delivery of the report within five business days. Importantly, when the client retains us for the CEA process, what the client tells us in answering the questionnaire and what we recommend in the report is attorney-client privileged. The CEA report enables our clients to make informed cyber risk management decisions as to whether to fix the exposures, ignore them or transfer them by way of cyber risk insurance. We can assist our clients in carrying out whatever decisions they make.

For further guidance in this area, please contact Ned Dunham, Esquire, at 215-241-8802 or edunham@lawsgr.com.

0