Legal quicksand: Shrink-wrap and click-wrap agreements – Part 1
Shrink-wrap and click-wrap agreements are the fine print you see, among other things, when you click through terms and conditions in accessing an online service (e.g., in connection with a cloud computing service) or as part of the installation [...]
DFARS 252.204-7012: Terms to know
DFARS 252.204-7012 requires that, as a DoD contractor, your organization and your subcontractors must obtain certification of compliance. The deadline has now passed to meet DFARS compliance rules that put cybersecurity safeguards on what the U.S. government calls 'controlled unclassified [...]
8 early warning signs of IT disaster
I am flattered to have provided input for a story by an author whose work I have read for years. His name is Dan Tynan, and he wrote “8 early warning signs of IT disasters” for CIO Magazine. Here is [...]
Imran Awan case shows lax security controls for Congressional IT staff
By Kevin McDonald Investigations into the conduct of the IT staff of the House of Representatives raised alarms. Kevin McDonald explains what we can learn from the case of Imran Awan. Those who operate with high-level system access, [...]
GDPR: The Regulatory Iceberg of 2018
You're heading into dangerous waters. On May 25, 2018, the European Union (EU) General Data Protection Regulation (GDPR) goes into full effect, and it will almost certainly affect you. If you are not compliant with the GDPR by this date, you could [...]
Average Ransomware Attack Infects 16 Workstations, 5 Servers and 22 Users
Midmarket firms are getting hit hardest by ransomware. Data from 2017 shows that 29% of the companies with 1,000 to 5,000 employees are getting struck by ransomware. If companies that size—who presumably have the resources to guard against this scourge—are [...]