Latest Articles

The Cybersecurity Information Sharing Act of 2015 (CISA) was intended to incentivize private entities to share threat intelligence information with the federal government (specifically the Department of Homeland Security), allowing all parties to react more quickly and efficiently to cyber threats. The vision was that thousands of companies would sign on, creating a powerful network that could form a joint defense in real time against emerging cyber threats. The dream is not going well. At…
The cyber insurance market continues to evolve, and major questions remain unanswered. Should policies cover regulatory fines? Should first- and third-party claims be addressed in separate policies? The list goes on. For the consumer, here is an interesting thought experiment: Is a company having limited access to cyber insurance actually a good thing? Aside from niche exceptions (like GINA, HIPAA, etc.), there is a dearth of regulation pertaining to how private entities treat personal data…
The 2016 U.S. Presidential election demonstrated the importance of digital campaigning. President Trump’s campaign was vastly outspent by Hillary Clinton’s campaign, and placed little emphasis on traditional ground-game tactics. Instead, Trump focused his campaign on digital strategies to target “persuadable voters” via social media. The outcome of the election demonstrated the efficacy of this strategy; not only did Clinton lose the election, but she became the first general election candidate in nearly 40 years to…
During WWII, Morse Code was an indispensable asset that allowed the allies to transmit sensitive information over long distances with great accuracy. However, it contained an obvious, and potentially fatal, flaw — it provided no built in mechanism for identifying the sender of the messages. In order to combat this, U.S. intelligence officers implemented a methodology known as the “Fist of the Sender,” an early system of “behavioral biometrics” that verified the sender’s identity by…
The 2019 calendar year had a rough beginning with several massive data breaches. Just this week, more than 600 million account details were stolen from 16 different websites: Dubsmash MyFitnessPal MyHeritage ShareThis HauteLook Animoto EyeEm 8fit Whitepages Fotolog 500px Armor Games BookMate CoffeeMeetsBagel Artsy DataCamp The account details being sold on the dark web from these breaches include names, passwords, email addresses, and social media authentication tokens. Thankfully, there does not appear to be any…
The deservedly well-publicized arrest of the Golden State Killer last fall was a coup for law enforcement, and a marvelous use of modern technology. Sequencing the DNA profile of material left by the killer at a crime scene 40 years ago, then scouring publicly available databases for a genetic match, and ultimately making the arrest were strokes of genius by all parties involved. The question is not “should police have done this?” Of course, yes!…
The biggest sporting event of the year is now over— and the Patriots, with the help of NFL super duo Tom Brady (the oldest quarterback to ever win the Super Bowl) and Bill Belichick (the oldest head coach to ever win the Super Bowl) took the title—New England’s sixth since 2002. Over 100 million people watched the game from home and over 70,000 watched it from inside Mercedes-Benz Stadium in Atlanta. However, what many fans…
On September 28, 2018, California passed Senate Bill No. 327, Chapter 886, which regulates the security of all internet of things (IoT) devices sold in California.  Collectively, IoT broadly refers to all internet-enabled devices and includes everything from doorbells and lamps to cell phones and wearable devices. This bill, beginning on January 1, 2020, will require a manufacturer of a connected device to equip the device with “a reasonable security feature or features” to “protect…
In an effort to reduce liability from spills and other hazards, a few grocery store chains will now have a new employee on the ground: a six to seven-foot tall, googly-eyed robot named Marty. Marty is an autonomous robot with a “sensing tower on it with various cameras” giving it the ability to scan the aisles for slipping hazards. As of right now, Marty is unable to actually clean the spill or remove the hazard,…
The Environmental Protection Agency (EPA) recently announced its intention to modify the 2017 National Pollutant Discharge Elimination System (NPDES) General Permit for Construction Stormwater Discharges (2017 CGP). EPA implements the 2017 CGP in states and territories that have not yet received authorization to implement the NPDES Stormwater program. Primarily, this includes New Hampshire, Massachusetts, Puerto Rico, and the District of Columbia.…