Overview of Pennsylvania’s Data Breach Reporting Law

Many ask what a business should do when uncovering a suspected data breach in Pennsylvania. Unfortunately, the answer can be quite complex depending on the business, the nature of the suspected breach, and the data involved. The legal consequences of a data breach, not to mention the business consequences,…

Read More

The Unwitting Cybersecurity Trap: The Risks of Relying on Technology Consultants

Considering the increasing number of data breaches, “hacking” episodes, and cybersecurity incidents over the past few years, businesses are finally starting to take cybersecurity and data security seriously. Businesses also realize that responsibility for data security is shifting from the IT staff to the Board and senior leadership.* However,…

Read More

Is PCI Compliance Enough?

CIO Magazine recently ran an insightful article about PCI compliance. The article emphasizes that PCI “compliance” is a credit card industry minimum set of standards to protect data and to minimize data breaches. However, as the numerous data breaches…

Read More

Attorney Brown Receives Cybersecurity Technical Certification

Attorney Shannon Brown passed the new, performance-based, CompTIA Security+™ certification exam on September 16, 2014. CompTIA Security+™ certification provides an industry-recognized method to objectively demonstrate technical skills in computer security, data security, or cybersecurity. The new cybersecurity certification is believed to be a first for an attorney in Pennsylvania. The…

Read More

Cybersecurity Basics for Pennsylvania Law Firms

Most Pennsylvania law firms either misunderstand cybersecurity [computer and network security] or significantly underestimate the threat of data breaches at law firms. Successful “hacks” can result in the loss of client confidential data or even losses of escrow funds. Considering the November 2013 updates to the…

Read More

The Next Battleground for Data Breaches…Shareholder Lawsuits?

Companies ill-prepared for data breaches and failing to take reasonable steps to secure data and computer systems face increasing and serious risks to the business. Specifically, companies, officers, and boards must start taking data and computer-systems security seriously or risk shareholder lawsuits. Shareholder Lawsuits for Data Breaches In two…

Read More

Attorney Shannon Brown Presents at ShmooCon 2014

Attorney Shannon Brown presented Technology Law Issues for Security Professionals at ShmooCon 2014. The presentation provided

an overview of “what is the law?” from a legal perspective and
the basics of legal interpretation.

Emphasis was placed on understanding what the “the law” really means in a legal sense.

Read More

Attorney Brown Presenting at ShmooCon 2014

Attorney Shannon Brown will  present Technology Law Issues for Security Professionals at ShmooCon 2014. The talk will generally discuss emerging and current legal issues for security researchers including the Computer Fraud and Abuse Act (CFAA), Electronic Communications Privacy Act (ECPA), Stored Communications Act (SCA), the Digital Millennium Copyright Act (DMCA), and state Computer Crimes Code. attend the talk at 10:00AM on Saturday, January 18, 2014.

Read More

An Introduction to Malware for Lawyers

The FBI recently warned that law firms are specific targets of computer criminals (cybercriminals) seeking unauthorized access to data. Pending changes to the Rules of Professional Conduct re-state the lawyer’s duty to reasonably secure computers to protect client confidentiality. Thus, cybersecurity emerges as a law practice issue.

Read More

Presentation on Drones, Media Hacking & Just-in-Time Media

Attorney Shannon Brown presented a continuing education program (CLE) for lawyers addressing emerging technologies issues such as drones, hacking, and just-in-time news reporting. The presentation was for the 21st Annual Media Lawyers Conference sponsored by the Pennsylvania NewsMedia Association.

Read More