Announcing Resilience Cybersecurity and Data Privacy Blog

resilience cyber security

Big news!

Followers of this blog know how important I believe new tools and technology are in the practice of law. Over the course of writing The Cyber Advocate, I also turned my moderate knowledge of cyber security matters into a focus of special interest, due to the threat hackers posed to law firms.

Today, I officially launch my new blog – Resilience Cybersecurity & Data Privacy!

Recently, I opened my own law firm, the Law Offices of Brian C. Focht. My practice is dedicated to civil litigation matters and cyber security law. As part of my practice, I provide cyber security and data privacy legal counsel. (more…)

One Thing You Need To Do Before Buying Cyber Liability Insurance

cyber liability insurance

So a few weeks back I was interviewed about several current issues in cyber liability insurance. As part of the lead-up to the interview, I was sent a couple of links concerning issues that the interviewer wanted my take on. Most of them I’d seen before. However, there was one that was new to me:

cyber liability insurance

After reading the article, I was stunned that a law firm – as in a business that performs at least most of its work in the practice of law – would even consider filing such a lawsuit. Turns out they even got an attorney in a different firm to represent them. They were at least smart enough about not being – or having – a fool for a client. While you might disagree with me on the merits of this particular lawsuit – as an attorney whose practice includes insurance coverage matters, I can concede that insurance is treated differently from state to state – there’s definitely something that everyone can take away from this incident.

There is one thing you absolutely, positively must do before purchasing cyber liability insurance: (more…)

5 Things You Need to Know About the New War on Encryption


On Saturday night, the city of London experienced yet another tragic attack, apparently carried out in the name of terror. The city’s second in two months, and England’s third – the terrible bombing in Manchester just two weeks ago, has already led to numerous statements of solidarity and support from (most) leaders around the world.
Unfortunately, during that time, Theresa May, British Prime Minister, also said this:

That’s right, among the many things we can expect in the near future is another battle over government surveillance powers. In that battle, it’s a virtual guarantee that the British or U.S. government will resume its call for technology companies be able to decrypt any data or communications within their ecosystem, purportedly in the name of fighting terrorism, on demand.

Whether it starts now, or as a result of a tragedy yet to come, the new war on encryption is about to begin. (more…)

How NIST Made Me Excited About New Password Rules


I’m going to go ahead and say it: I’m Pumped! About something in the NEWS!

How has your recent news feed looked? A bit dismal, if you’re anything like me. There’s the whole “we prefer the frog-in-a-boiling pot method of extinction” thing coming from the White House. Well, and then there’s everything else coming from the White House.

It can all seem like it’s too much. We’ve got a government deliberately ignoring science, publishing a budget that cuts the estate tax – but relies on its revenue continuing because… rich dead people are generous? Oh, and then there’s the whole double counting thing. (But don’t worry, Mick Mulvaney now says it was on purpose.) Fortunately for us all, there’s great news. It’s about… passwords!

Who would have ever expected that good news in the “reality and practical experience” matters arena would come from password guidelines? Yeah, me neither. And yet, we have the outlines of the new recommendations from the National Institute on Standards and Technology (“NIST”). Even more importantly, it turns out I was totally right! Totally! Yeah, I’ll get to that.

But the best part… (more…)

What You Need to Learn from the Biggest Cyber Attack in History

cyber attack

Last weekend, a virus called “WannaCry” swept through Asia, Africa, and Europe, encrypting the data of thousands of individuals and businesses. Although it demanded a ransom that, if paid, promised the user access to encrypted data, few paid the ransom, and many who did never regained access to their data. It was the largest ransomware attack ever, even though it was stopped before it impacted much in the United States.

Since the attack, I have read numerous security posts about why this attack is just more proof that people and businesses should adopt the security measures those writers had previously published. While I agree with (most) of those posts, I think that the unprecedented nature of this attack creates a different opportunity – to discuss some fundamental lessons that every business owner needs to accept as the modern reality.

Here are Six Lessons You Need to Learn from the WannaCry Cyber Attack: (more…)

We Are Dangerously Close to a Dystopian Cyber Security World

cyber security

I try, on this blog, to avoid topics that are purely political. Sure, I spoke strongly in favor of net neutrality, I supported Apple’s position on encryption, and I continue to argue forcefully against the deregulation of the practice of law. Those are all political issues, to be certain. But this post is going to be a little bit different. It’s about the future of cyber security for all small businesses (and even large businesses) who have a legal obligation to protect their clients’ and customers’ data.

The Trump Administration has not officially begun, but with its transition currently underway, several of the decisions already made point toward a dystopian future for cyber security. A future where hacking, including by foreign government and industry interests, is rampant; where the tools to protect ourselves are compromised; and where even our access to information is subject to purely corporate interests.

Let’s take a look at some of the brilliant ideas for technology held by President-Elect Trump’s team: (more…)

7 Simple, Fraud-Free Ways to Handle Negative Reviews

negative reviews

I’ve been lucky, and I have no problem admitting that. To date, I haven’t had a client who, either during or after completion of my representation, decided to burn me by posting a scathing negative review online. While I may have had a few clients that might have been inclined, I’ve done everything I could to manage the situation before it came to hostile words being shared to the world online.

Like I said, that doesn’t necessarily make me good, it makes me lucky. Many other lawyers, unfortunately, haven’t been so lucky. I’m not talking about those lawyers who treated their clients casually, failed to return phone calls, or truly caused their clients harm through negative actions or omissions. They deserve all the ink they get. I’m talking about lawyers who, despite their best efforts, just couldn’t deliver what the client wanted or expected.

Whether you deserve the online tongue-lashing you ended up getting or not, once it’s posted, you need to do something about it. And when I say “something,” I most certainly mean something OTHER than what these lawyers are accused of doing… (more…)

Page 1 of 3712345...102030...Last »