Keeping Offices Safe

Clerk Yarbrough sits down with Lee Neubecker, President & CEO of Enigma Forensics to discuss the current state of affairs. Clerk Yarbrough assures everyone voting on Tuesday, March 17 voters will be met with a clean and safe environment. Come and Vote and March 17!

Cook County Clerk Karen Yarbrough Gives Safe Voting Practices

Cook County Clerk Karen Yarbrough would like voters to know her staff is taking every precaution to make all voting stations a safe and clean environment. On top of her list, everyone should wash your hands! She says all voting staff will continuously wipe down all surfaces and are trained to keep the stations clean. Clerk Yarbrough urges everyone to remember the rules your mother gave you!…Wash your hands, sneeze into your sleeve and if you have a fever stay home from work, don’t go out and stay in and take care of yourself. Clerk Yarbrough sits down with Lee Neubecker, President & CEO of Enigma Forensics to discuss the current state of affairs.

Check out this video interview to find out what precautionary steps the Clerk’s department has taken to make sure each voting office stays safe.

Election Day is on Tuesday, March 17

Clerk Yarbrough says Keep Calm, We are on the Job!

Lee Neubecker: Hi, this is Lee Neubecker, president of Enigma Forensics, computer forensics firm based here in Cook County in Chicago. And I had the pleasure of having our very own Cook County Clerk, Karen Yarbrough, here on the show to talk a little bit about what her office is doing to help keep people safe, in light of the recent corona outbreak. Karen, thanks for being on the show.

Clerk Karen Yarbrough: Thank you, Lee. Well, you know, this is a really busy time for us and we have a number of, we have our regular employees and then we have a lot of people, almost 8,000 people, who will be involved in the election on the 17th. So we want everyone to be safe. So in the office, what we’re doing is, first of all, we’re educating people. Now, some of this stuff is just common sense. I mean, people should know to wash their hands. They absolutely should know that. They also should know that if you have to sneeze, you don’t sneeze out like that, you go like this, okay? I mean, didn’t your mom teach you that? I mean, mine did, so. So the education or bringing it back to people on how we can keep safe. So our people have, they have obviously Purell. They have the gloves if they want to wear them. They also have, they clean their work stations. So we have everything that they need and we have a big influx of people for several reasons and especially in vitals and in elections and so we want everyone to be safe.

LN: So with the election fast approaching, I know that previously you were on the show to talk about early voting, in trying to get people to pull a ballot so that they could vote from home. It’s too late for that now, but what would you advise that people should do as they’re heading to the polls?

CY: Well, hopefully they’ll have a card or some information on who they want to vote for. They’re going to find our brand new voting machines there and it’ll probably take them all of two or three minutes to vote this time. So the ease of voting, they’re going to find friendly faces there and people who are willing to help them. We have the touchscreens and we also have paper ballots if people want to use ’em. But we’re encouraging people to use the touchscreen. If you want to use your finger, then you can wipe your finger off with, and we have everything there. I mean, absolutely.

LN: Like Purell?

CY: Absolutely, we have everything there. They could use a pen to do this, you know. They could use their, bring their own pen if they want to fill out a paper ballot. So, you know, again we’re telling people use some common sense here as it relates to, you know, today and all through the last few days, what I’ve been doing is going to the early voting polling places and so I’ve met all of the judges and I see the way that they’re greeting people. They’re not shaking hands, they’re doing fist bumps or arm bumps. Yeah, like that or whatever, but they are not shaking hands. So, you know, as I’ve looked, and we’ve been looking at, watching what’s coming out of Washington, what’s coming out–

LN: Even here in Chicago

CY: Absolutely.

LN: Yesterday we had the Prudential building had their first case.

CY: Yeah, how about that? How about that? But you know what? For the most part, 80% of the people who contract it in the first place, they’re going to be fine. Children are going to be fine. It’s people who have compromised systems that have the problems. And older people. I get all of that, but people can be safe and they can be competent, use common sense and be safe.

LN: Yeah, like not jumping on an airline when you know you’ve tested positive. I don’t think you should do that if you have Corona Virus.

CY: Don’t come to work sick. We’re sending people home. Anybody’s around there sniffling or what have you or they don’t feel well, if they have a fever. If you got a fever, you ought to be at home. You shouldn’t be with us.

LN: And just because you have a fever, you shouldn’t be flipping out thinking you have Corona Virus.

CY: Not at all, not at all.

LN: They say that you need to have three specific symptoms combined to worry about it. You need body aches, fever, plus respiratory problems. So if you don’t have all of three of those, don’t bug your doctor. The doctors are under control.

CY: Don’t panic.

LN: Unless you, if you have a fever that runs awhile, call but don’t. Then you should assume that you have Corona Virus.

CY: I’m hoping that we get some better information out of Washington, though. There have been mixed messages there, so let’s hope that we can get better information out of Washington as well as what we need. I noticed that out governor was pretty frustrated about his inner workings with the federal government on what we need in Illinois. So let’s hope that they get that together.

LN: Yeah, absolutely. Well, thanks for being on the show again.

CY: Thank you.

Watch related videos to this series with Cook County Clerk Karen Yarbrough

Other Related Videos

Voting Tips with Clerk Yarbrough

Cook County elections are on Tuesday, March 17. Cook County Clerk Karen Yarbrough assures everyone voting will be efficient and safe Check out these voting tips!

Every Vote Counts

Cook County Clerk Karen Yarbrough says tip number one – be prepared! Tip number two-do your homework on the candidates before you come in and vote. Lastly, it’s ok to bring your notes with you. She ensures that every precaution will be taken to make sure everyone is safe!

Clerk Yarbrough is excited to report, Cook County has all new voting machines that will streamline the voting process. She adds if you would prefer to use the old paper ballot they will have those available too. In addition, the new barcode system will accurately tally and record of voters ballot, which will make counting votes extremely efficient. After the election, Clerk Yarbrough says the office will do a full audit and confirm that every vote is counted She assures everyone voting will be safe and there will be plenty of antiseptic and gloves available! Watch this video as Lee Neubecker interviews Cook County Clerk Karen Yarbrough and asks about voter tips.

Tuesday, March 17 Vote for your Candidate!

The Video Transcripts Follows

Lee Neubecker: Hi, it’s Lee Neubecker, President of Enigma Forensics. I’m a cyber-security and computer forensic expert witness, and our firm’s based here in Chicago within Cook County, Illinois. And I have the pleasure of having our very own Cook County Clerk, Karen Yarbrough, appearing on the show today to talk to all of you about what you should know, what you should do, as you head out to vote in the next few days. Karen, thanks for being on the show and thanks for sharing these tips.

Clerk Yarbrough: Well, thank you Lee. Thank you for the opportunity. We wanted to be able to tell people what they can expect when they come to vote. For people who come to vote each and every time, they usually know. They, you need to be prepared, and one way you can prepare is by having your own notes on who you want to vote for. We have brand new machines this time, and those machines, it’s going to be a whiz. Everybody has told me they love the new machines. For those who are uncomfortable with using touch screens, we’re going to have the regular paper ballots. But, if you’re prepared to vote, it should take you a few minutes to just go straight through that ballot. And, you know, usually people have problems with all of the judges, do your homework before you come in.

LN: Well, it certainly will help speed up the lines and reduce congestion.

CY: Certainly, certainly.

LN: Also wearing gloves, if you’re really concerned, there’s nothing that prevents you from wearing gloves to vote.

CY: Not at all, we’ve seen a few. You can wear glasses. We’ve seen a few people with gloves on. We’ve seen a few people having their own pens because they plan to pull a, you know they want a paper ballot. So we’re going to, you know, bring your own pen if you’d like. We’re going to, at every station, we’re going to have the bacterial .

LN: The Purell?

CY: Yes, we’re going to have that. We wipe down the stations after each.

LN: You must have got yours early.

CY: Yes we did, yes we did.

LN: You were prepared.

CY: Yes, we wanted to be prepared. We wanted to be prepared. We were hearing about what was going on, and we know that we have one day to do the election actually. We have all of these days for early voting, but we have that one day and we got to get it right.

LN: Now, I’ve heard that there were some concerns regarding the barcode on some of the ballots that gets printed that that could be.

CY: I have no concerns about that, okay. The great thing about our new equipment is while you’ll put your ballot through and the barcode is there, but we have a record of each and every one of those ballots. If we have to go back, and we do, we go back and we review to make sure things are right.

LN: So, on paper it’s doing more than just the QR code. It also has the friendly names printed out.

CY: Yes

LN: Is that correct?

CY: Oh absolutely, yes.

LN: So the concerns that some people had were that, I think the concern was that the barcode could be different from what’s printed. But if that were the case, you’d be able to audit that after the fact.

CY: And we do a full-blown audit at the end of every election just to make sure.

LN: So someone voting, they’ll be able to actually see the print out on paper.

CY: They will be able to have that in their hands. They’ll be able to check their choices and then they will cast their own ballot, not us but them.

LN: And so it gets scanned and digitized, but then the physical ballot gets locked in the box, correct?

CY: Yes.

LN: So, there’s a dual system.

CY: Absolutely.

LN: I think that makes a lot of sense.

CY: It does, it does. And it gives people peace of mind. You hear all of these stories about well, my vote may not count, and this. I mean, all kinds of things. So to prevent those kinds of things, we have new equipment, and we have a new process, and I think people are going to like it.

LN: Great, well everyone get out there and vote. And, thanks Karen for all your work on this to help make sure election day goes smooth.

LN: Thanks.

CY: Thank you.

Cook County Clerk.com

https://www.cookcountyclerk.com/agency/2020-elections

Other related articles

Access to Justice with Jacob Meister

Jacob Meister vows to help those who don’t have access to electronic court communication to enable them to help themselves. He is running for Cook County Clerk of Circuit Court. Access to Justice is what Jacob Meiser stands for!

Election Day March 17

Cook County Clerk of Circuit Court Candidate Jacob Meister vows to bring access to justice. He’s concerned for those who aren’t represented by a lawyer in the system, who don’t have access to electronically file in the court system, who can’t afford internet access, or they simply don’t have a computer or most of all they don’t know how the electronic filing system works. These are folks without financial means and denied access to justice. Jacob Meister has a plan that will ensure everyone has access to justice.

Cook County Clerk of Circuit Court Candidate Jacob Meister, the real deal! Lee Neubecker interviews Jacob Meister to learn more about what makes him tick. Check out this video to learn more. You’ll be glad you did!

Meister says…Access to Justice to those who can’t afford it!

Part 4 of our 4-Part Series on Cook County Clerk of Circuit Court Jacob Meister

The video transcripts of Access to Jacob Meister follows

Lee Neubecker: Hi, I have Jacob Meister back on my show. Jacob, thanks for coming in again.

Jacob Meister: Thank you, Lee.

LN: So Jacob’s running for Cook County Clerk of the Court, which is one of the largest court systems in the U.S. One of the things that you talked about before is bringing about justice and access to resources necessary. What would you do to help those incarcerated have access to the information they need to defend themselves?

JM: Well, you know access to justice is one of the principal themes of my campaign because as Clerk of the Circuit Court, I’d be presiding over the second-largest court system in the country as Chief Operating Officer. And as we’re moving towards, for instance, electronic filing, there are efficiencies that are achieved. But at the same time, for those people who aren’t represented by a lawyer in the system, all of a sudden they find themselves where they used to be able to mail in their court filings, all of a sudden they’re required to file electronically into a system. It’s very bureaucratic and hard to use. So as a result, those individuals, maybe they don’t have internet access, they don’t have a computer, they don’t know how the electronic filing system works. They’re denied this access to justice unless they travel down to a courthouse during business hours, and stand in line for sometimes an hour or two, just to get assistance to file into the system. One of the things that I will do as a clerk is to provide computer filing kiosks in every library in Cook County, so that individuals who are faced with a lawsuit that they have to file a response, can do it on evenings and weekends, they don’t have to take time off of work. They can go down, and we’re going to be training reference librarians who understand the electronic filing system, and will be able to provide assistance, showing individuals how they can upload into the system so that people can file and access 24/7.

LN: So you’ll be partnering with other governments that are there, the City of Chicago, other municipalities, to actually train their staff, so that if someone doesn’t know, they’ll have the convenience of going to their local library, instead of having to take off work to come downtown.

JM: Correct, correct. And we’ve got hundreds of libraries in this county. And they’re all potential points of access to our justice system. And as we move to an electronic system, we can increase the number of points of access, and start allowing people in their own neighborhoods to access justice. And that’s really important.

LN: What about those incarcerated that are in the Cook County jail, and what not, is there access to resources there presently?

JM: Absolutely, well absolutely. You know, one of the big problems we have is that the Illinois Department of Corrections has around 600 prisoner appeals pending in Cook County alone, where prisoners appeal their convictions. Maybe they’re trying to overturn the conviction or change the sentence. And right now, records access is so limited that some of those prisoner’s appeals have been pending for more than a year without the clerk’s office being able to get the record to the appellate court, and the appellate court can’t do anything without a record. That is a travesty. So accessing justice is important. I want to have a robust case management system so that those records are accessible, and can be assembled, and that we’re keeping complete files electronically so that they can be transmitted up to the appellate court, and won’t be getting lost.

LN: Great. Thanks for being on the show, this is really helpful.

JM: Well thank you for having me, Lee.

Watch the whole series on Jacob Meister

Part 3 of our 4-Part Series on Jacob Meister
Part 2 on our 4-Part Series on Jacob Meister
Part 1 of our 4-Part Series on Jacob Meister

To Learn More about Jacob Meister

http://jacobforclerk.com/

Cook County Clerk of Circuit Court New Website

http://www.cookcountyclerkofcourt.org/NewWebsite

Cook County Clerk information on Voting

https://www.cookcountyclerk.com/service/view-all-candidates

Keep the Public Safe – Vote by mail!

Lee Neubecker, President and CEO of Enigma Forensics has a chat with the Cook County Clerk, Karen Yarbrough, on how to stay safe during the epidemic when going out to vote.

Request your vote by mail ballot today from the Cook County Clerk’s website before it is too late!

Lee Neubecker, President and CEO of Enigma Forensics has a chat with the Cook County Clerk, Karen Yarbrough, on how to stay safe during the epidemic when going out to vote.

The transcript of the video follows.

Lee Neubecker (LN): Hi, it’s Lee Neubecker from Enigma Forensics. I am a computer forensics and cyber consultant. And I have the pleasure of having Karen Yarbrough, our very own Cook County clerk here on the show to talk about today’s deadline for voting early. Karen, thanks for being on the show.

Karen Yarbrough (KY): My pleasure. So Lee, what I’d like to do today is just simply tell people, please, go online, like right now. Don’t put it off. Don’t wait until March 17th. Now, you know, that’s Saint Patrick’s Day, but it’s also election day. And we just asked if people take the time out today and go online and order your ballot, right now. Just right now, go to cookcountyclerk.com. It’ll come right up on the screen, click the button and you’re in there. And all you have to do is put your information in. We’ll send you your ballot, and we’ll also send you a return addressed envelope, no postage. We’re going to pay for it.

LN: So in light of all the concerns about the coronavirus outbreak, this is a great way to help protect yourself, especially if you’re elderly. Everyone should be doing this.

KY: Absolutely, they should. And I have to tell you that we’re kind of ahead. I’m just looking at the numbers when I was coming over here today, and we’re at record numbers right now for voting. You know, we have our early voting sites all throughout Cook County, and they’re open until seven o’clock. And so people can actually show up there today too.

LN: But right now, if someone wanted right now to do this and get a ballot sent to them at home, what address do they go to do that?

KY: Cookcountyclerk.com.

LN: And right on the homepage, physically.

KY: Absolutely. It’s right on the homepage. They can’t miss it.

LN: And it only takes what? A minute?

KY: Oh my goodness, if it takes a minute. I mean, if you know how to spell your name and your address and your zip code. I mean, that’s what you have to do.

LN: So then I’d encourage anyone that is in a nursing home or works in a nursing home, to help those people get their early ballot, so they don’t have to go to a polling place where they’re going to be around other people. And that way they get their ballot and vote.

KY: Well people who are in nursing homes, we usually have a nursing home election. But this year because of this coronavirus, we’re not doing that. Everybody who wants a ballot, we’re going to take the ballots there to the nursing home and have them to complete the ballots, and then we’ll bring ’em back.

LN: So all of you, it just takes a few minutes.

KY: That’s all.

LN: Go to the Cook County Clerk’s website. Click the link and sign up. And you’ll have a ballot and you can still vote from home. You don’t have to worry about going out to the polls.

KY: Not at all.

LN: And that will help reduce the crowds on election day.

KY: Yes, that’s my message today. Vote, yeah. Vote at home.

LN: Vote early, and often, but from home.

KY: And at home. Yes.

LN: Great. Well, thanks for being on the show.

KY: Thank you.

Cloud Cyber Risk

Cloud-based storage of an organization’s data attracts cyber hackers like bees to honey. Hackers take time to study and find flaws to breach, extract and sell personal information data. Data Experts Lee Neubecker and John Blair discuss cloud data compliance and legal regulations put in place to protect cloud-based data.

Compliance and Privacy Laws

Cloud cyber risk goes hand in hand when storing data on the Cloud. New compliance and privacy laws have been enacted to protect this cloud-based private information. The State of Illinois has passed a privacy law that specifically addresses how companies gather and store private data.

The Illinois Policy Group, an independent organization that generates public policy, explained that in 2008, Illinois enacted the BIPA, the most stringent law of any state regarding the consent, notice and disclosure procedures private entities must follow when collecting, storing or using people’s biometric information, such as fingerprints, iris scans and face prints. This law forces companies into compliance and makes them more responsible for the collection and storage of private data ultimately, decreasing exposure to cyber risk.

Data Experts Lee Neubecker and John Blair say because of BIPA companies are now more aware of how they secure and store data. They discuss other data compliance and privacy laws such as; California Consumer Privacy Act (CCPA) and Health Insurance Portability and Accountability Act (HIPAA) and how these laws help regulate the healthcare industry and other organizations when storing consumer data, and vendor data in the cloud ultimately protecting the consumer. Watch this video interview to learn more.

View Part 2 of our 3-Part Series on Cloud Data

Part 2 of our 3-Part Series on Cloud Data

Lee Neubecker: Hi I am back again with John Blair. We’re continuing our discussion on cloud security and helping to minimize your cyber risk of having data in the cloud. And today, we’re going to be talking more about some of the compliance and regulatory issues and legal issues that companies face that are having their data and customer data, vendor data in the cloud. So, John, can you tell me a little bit about some of the regulations that impact the healthcare sector specifically?


John Blair: Yeah, the primary one is going to be HIPAA and associated as subsequent acts like HITECH and things like that that augment HIPAA and some of them more clearly defined some of the rules and regulations, primarily Security Rule and Privacy Rule. So those are going to be the ones that primarily come into play, but there are also individual state versions of healthcare acts that you need to abide by and each state has one so you also need to abide by the state regulations as well.

LN: Interesting. So it really, if a company’s operating in multiple states, they have a lot of issues to be looking at.

JB: They have a lot of regulations to be aware of and to be compliant with, yep.

LN: So I know here in Illinois, we have the Illinois Biometric Information Protection Act, otherwise known as BIPA and that’s been creating a lot of stir with Facebook recently had a settlement.

JB: Yep.

LN: And apparently Illinois Residents that have Facebook accounts might be entitled to around $200 per person.

JB: Yep.

LN: If you are in Illinois and have Facebook, so possibly you will be notified.

JB: Yeah, Illinois is the only one.

LN: And do you think it will be through Facebook Messenger?

JB: I do not but Illinois because of that law, Illinois residents are the only ones that are getting anything out of that lawsuit because of that, specifically because of that law.

LN: Got it.

JB: So I don’t know the details of the law but on the surface, it seems to be headed the right direction.

LN: Right, essentially they took the position that your biometric information, unlike your cell phone or your social security number, you can’t change it.

JB: Right.

LN: So if that data becomes compromised such as your facial vector map,

JB: Yeah.

LN: Or your fingerprint or your DNA, that you can’t swap it, it’s part of who you are.

JB: Right and those, you know, we’re finally headed in the right direction where it’s being considered personal.

LN: Yeah.

JB: So which I totally agree with.

LN: We also had just last month the California Consumer Privacy Act, known as CCPA went into effect and that’s got a huge impact on anyone who does business with California residents.

JB: Yeah, that is yet to, I think people were preparing for that prior to that but it’s going forward, I’m sure there’s going to be a lot of repercussions from that because there’s going to be obviously companies and entities that don’t prepare well for that and are going to get caught up in it because it covers, California is a huge state, a lot of people so there’s going to be some lawsuits.

LN: So it’s also been such that if you’re making medical devices for consumers and you have that information, relaying over 3G, 4G networks, we’ve got CPAP machines, pacemakers, all other types Of information. LN: All kinds of monitors

JB: Yep.

LN: And that information going to the cloud, if you’re a California resident and that information gets breached, it could be used by marketers or it could be used In other ways to target people.

JB: Yeah hospitals are going to need to really step up their game with respect to that particular regulation. Hospitals traditionally are a little bit behind technically speaking from an IT point of view, they’re very much on the bleeding edge from a medical device IT point of view but they tend to lag behind because you can’t, it’s hard to afford both

LN: Yeah.

JB: But this is going to, you know, how they allow individuals or access to their networks, what they allow in and what they allow out because that’s the channel these medical devices use is going to be very, very important that they get more control over those things.

LN: So as it relates to healthcare, what are some of the concerns about when a data incident is discovered to actually turn out to be a data breach, what types of reporting and notification requirements are unique to the healthcare sector?

JB: Well, first and foremost, you need to evaluate the situation and then have in conjunction with your legal team and compliance teams, establish whether or not you do officially declare it a breach which means you need to investigate it, you need to involve any vendors that were involved with that data because it may have been the vendor that you’ve contracted with that actually had the breach of the disclosure and not you but since they’re your vendor, you’re also on the hook and that flows all the way up from business associates, which is what those two entities will be up to the covered entity who actually owns the data. So after a thorough investigation and consultation with legal and compliance, a determination needs to be made whether or not you’ve formally declared a breach. And if so, then there’s all kinds of HIPAA standards that come into play about notification to the government, notification to each individual affected by the breach, what needs to take place with respect to that notification, there’s a timeline involved that needs to be met. So there’s all declaring it a breach is a very formal and arduous task.

LN: Yeah, not a pleasant one.

JB: No.

LN: In our next segment on securing data in the cloud, we’re going to be talking more about when a breach is discovered, some of the issues related to reporting the breach and what that can mean to an entity, especially if it’s not handled correctly. So thanks for being on the show again.

JB: Thanks, Lee.

View Part 1 of our 3-Part series on Data Cloud Storage

BIPPA Laws

To learn more about HIPAA

https://www.hhs.gov/hipaa/index.html

Illinois BIPPA policy

https://www.illinoispolicy.org/

Coronavirus: The Global Impact

Coronavirus is here and leaving death and destruction in its path. Lee Neubecker and Geary Sikich uncover the Coronavirus and its global impact on businesses worldwide and what it means for us here at home in Chicago.

Coronavirus is here and globally impacting our world. Human beings are dying and the toll keeps rising more and more each day. That is the horrible truth of disease! Besides causing human pain and suffering the Coronavirus is also causing disruption and impacting many businesses that are dependant on each other. What does the impact look like? Forensic Expert Lee Neubecker and President of Logical Management Systems Geary Sikich dissect Coronavirus and the huge global rippling impact. For example; Chicago recently canceled the Housewares Show at McCormick Place which typically draws over 60,000 attendees. Everything associated with that conference will feel a significant downturn. ie. hotels, travel, transportation, local food, and beverage. As a result of this global business disruption, there will also be an increase of vulnerability and these experts anticipate an increase in cyber activity. Watch this video interview to learn more about other global industries impacted by the Coronavirus.

Part 1 of our 2-Part Series on Coronavirus

Coronavirus Series: Part 1 is about The Global Impact

Lee Neubecker: I’m here today with Geary Sikich. He’s the president of Logical Management Systems, a cyber and business continuity consulting expert. And I’m Lee Neubecker, the president of Enigma Forensics. We’re a computer forensics firm that provides investigative assistance with matters involving litigation or otherwise investigations. Today we’re going to be talking about the Coronavirus and the global impacts. Thanks, Geary, for being on the show.
Geary Sikich: Thanks, Lee, for having me back.

LN: So, Geary, can you tell everyone what’s happening right now globally, as it relates to the business environment in impacted nations?

GS: Well, the current state of affairs is that Asia is in a situation where Coronavirus continues to kind of expand. It’s expanding at a lesser pace in China, but it’s accelerated in places like South Korea and in Japan. And we’re starting to see it, obviously, move from those Asian countries into the Middle East. Iran has a huge issue with Coronavirus. Italy has another big amount of people that are confirmed cases versus cases under observation. So there’s a significant amount of human impact there. On the business side, this has disrupted a lot of businesses in just about every way you can imagine. So, the shipping industry? Tremendous disruption there. Airline industry? Tremendous disruption there. A lot of flight cancellations and other things. We’re seeing now sporting events, conferences, conventions, all kinds of things that are essentially money-makers in the normal sense, but also dependent on a tremendous chain of support to bring off. Suddenly a conference is canceled, and now you have hotels affected, you have transportation systems affected, you have all the food services affected. This kind of rippling through a lot of areas is causing a very very big concern with, not only businesses but governments. How do you control it and what do you do in this situation?

LN: So, here in Chicago, we have the Chicago Housewares Show canceled. Recently many vendors were coming from other nations where there’s a travel ban. And that impact certainly impacts the workers that are at the hotels, The audio workers.

LN: And whatnot, their hours get cut.

GS: Yeah, the interesting part about that is that when you begin to look They had on the news the other day, They had on the news the other day, was talking about the cancellation of this convention. 60,000 people come. And obviously there’s a lot of work that’s done: Setting up booths, displays, and all the other things that go along with it. Suddenly, he’s out of work for a period of time until the next convention comes in or maybe doesn’t come in. But that ripples through to hotels, food services, restaurants, your taxi cabs, your Ubers, your Lyft, your everything associated with coming to a place for a conference or a convention. So a huge impact. But then you also have So huge impact.

LN: But then you also have and these deliveries are now delayed because of the dockworkers that load up the equipment

GS: Systems.

LN: And these deliveries are now delayed where they have restrictions in place.

GS: And an interesting sidelight to that is that you look at the shipping industry and the amount of material that’s shipped by the containers those ships carry are what they call 20,000 TEU which is a 22-foot equivalent unit. Or 20-foot equivalent unit. Anyway, it’s a size that they have. If you look at that aspect, one of the things that some companies are starting to encounter, and I think you’re going to see more and more of this, is that because of delays in shipping, suddenly the container supply is not as available because your container, Lee, that you shipped, full of your product is sitting out in the ocean waiting to dock at my port, but it can’t come in because it’s quarantined? And now that container is going to sit. But John’s company needs a container to ship his product. Can’t get it because your container’s the one he would’ve normally gotten. So huge impacts in terms of ripple effects in a lot of it. So the average time that the container holds goods, in terms of the number of days is increased markedly. And the existence of the containers largely

LN: So the average time that the container holds goods, so there’s a shortage. Right. And if you think about this in another context, the number of things in the containers, it’s not just computer chips,

GS: Right. Roughly, and I heard a figure that was kind of astounding to me, but about 80% of all the containers are full of perishable foods.

LN: Oh yeah, certainly.

GS: You’ve got your bananas, and oranges and things that we don’t necessarily get in Chicago in the wintertime ’cause we don’t grow them.

LN: Oh yeah, certainly.

GS: You’ve got your bananas because it’s no longer fresh. I’ve got to decontaminate the container. because we don’t grow them, in terms of how these all are impacted. Which gets us into looking at, from a computer security standpoint. These are tracked. Barcoding systems and whatnot. How easy is it for that to get disrupted because somebody decides it’s an opportunity to hack into a network?

LN: Certainly, when systems are constrained and overworked, it’s the likelihood of a failure or an attack compromising the system goes up. So it creates a real opportunity for a hacker to strike and have a magnified impact, So here in Chicago, we have a lot of companies that are impacted by this. We’ve got Boeing, We’ve got United Airlines. Boeing. Major facilities for companies that, while headquartered elsewhere, operate big hubs out of Chicago. Especially in the airline industry.

GS: United Airlines. still, kind of the shipping center for a lot of the country. And if you look at the Chicago area, if you will, you’ve got then industries in Northwest Indiana, you’ve got industries south of Chicago.

LN: Rail.

GS: A huge amount of rail traffic that goes through. The expressway between Indiana and Chicago, 80, 94, is one of the heaviest traveled expressways in the world. You’ve got a number of other businesses that suddenly have the exposure that they hadn’t realized. A huge amount of rail traffic that goes through. What would happen if you took the casinos in the Chicago area and closed them down for two weeks? It’s not just casino workers. It’s not just the amount of money the casino’s going to lose by not being in operation. It’s the day worker. It’s what we call the gig economy. Those people who live paycheck to paycheck that are dependent. So suddenly, they’re without. How are we going to deal with making sure that there’s a, if you will, an equilibrium or a safety net for those entities? One of the things we’re faced with, starting to see now, the City of Chicago’s just announced they’re just putting together a pandemic taskforce. They’ve had a few months watching it unfold in China. much like the rest of the United States, and, if you will, the rest of the world in some respects. Why has it taken this amount of time, and what do we need to be aware of from a private-sector standpoint as to what the public sector is going to do? So from a planning standpoint, this is critical. If you’re a business and you’re putting together a plan, and your plan suddenly conflicts with the City’s plan or the State’s plan, what happens then? How do you deal with that?

LN: Those are all great points. In our next segment, we’ll be continuing our discussion, and we’ll be talking a little bit more about what it’s been like for businesses that are going through some of these extreme measures that are being put in place to help protect and contain the virus from spreading. Thanks for being on the show.

GS: Thanks, Lee.

Other related articles

City of Chicago’s response

https://www.chicago.gov/city/en/depts/cdph/provdrs/health_protection_and_response/news/2020/march/public-health-officials-announce-new-presumptive-positive-case-o.html

For information about how you can prepare from the Center Disease Control.

https://www.cdc.gov/coronavirus/2019-ncov/community/index.html

Data Breach Response After the Fact

Your email has been frozen and your company website is down. Your IT department has confirmed a data breach. What do you do next? Incident Expert Lee Neubecker and legal expert Kari Rollins offer easy instructions about your next important steps.

It’s a fact! Your IT team confirmed a Data Breach or incident has occurred. What do you do after the fact? Forensic Expert Lee Neubecker and Legal Expert Kari Rollins say don’t panic! First, convene with your incident response team, start to investigate under privilege, and contact a 3rd Party forensic expert to help preserve vital information. Watch the rest of this video for further recommendations about data breach response after the fact!

View Part 3 of our 3-Part Series on Data Breach

Part 3 of our 3-Part Series on Data Breach

The Video Transcripts of Part 3 of our 3-Part Series on Data Breach follows

Lee Neubecker: Hi I’m back again with Kari Rollins, and she’s here talking with me today about data breach incident response. The Sedona Conference recommends, how an organization should respond to such incidents. And we’re talking in this third part segment about what to do after an incident has been reported. So Kari, please tell me what the initial issues are that come to mind when you get that phone call from a client that says something happened.

Kari Rollins: Sure, so usually, as we were talking about in a prior segment, you may not know whether you’ve had a breach as defined by law. You are just told by your information’s security team, or an employee or a manager that you’ve had, there’s been an attack. Or there’s been, “I can’t get access to my email,” Or, “My account’s frozen.” So you immediately start to investigate. You want your.. according to your incident response plan which we’ll hopefully have in place, you’ll convene your incident response team; you’ll start to investigate under privilege. You’ll call if you need your outside forensic investigator to help you access it. Help you access what’s happened, right? That the facts in an incident are really, really important because they drive the legal conclusions. Have you had a breach, or have you had an incident that has resulted in the acquisition with just the access to personally protected information? Or are you.. did you have an incident where maybe the systems that house the personal information were accessed, but there’s no evidence that the malware ever made it into the room where the family jewels are hidden and they were taken out. And that’s an important part of understanding whether you actually have a legal obligation to notify regulatory authorities or consumers. So the first step is always convening the team, putting it under privilege, calling your experts, and starting to investigate the important facts. Was this an outside threat, was it an insider threat? I know you’ve had experience a lot with investigating internal threats, which are on the rise these days as I would expect.

LN: And a lot of these incidents, it may be reported as a data breach, and the question is well, how did it happen? And sometimes, it’s not too uncommon that IT staff don’t receive the resources they request, and that data incidents happen as a result of being under-resourced. And in circumstances like that, there’s still a lot of pressure on the people managing IT, to not only run the organization ongoing but to deal with this whole new layer of troubles. So having that team in place beforehand where those relationships are there really helps.

KR: Yes

LN: And the other thing too is, you know, if there is a failure internally, it’s more difficult and less likely that you’re going to get the facts quickly if you’re using the team responsible in some way for the breach to report on what happened. I always recommend that after that initial meeting that preservation of key data occurs, and is offloaded outside the organization. You know, log files, certain key computers, email systems to the extent that they were modified so that there’s the ability to do that analysis. Because when an organization has an incident, it’s quite possible that all the data disappears, and the effort to cover the tracks.

KR: Or it’s not even, it may not be as nefarious as that. It could be that the teams are working so quickly a lot of the remediation plans are to thwart the malware and to remove it. But, in a lot of instances, you need to safely remove it and keep a copy of it, because you need to reverse engineer it. And understand how it got there, understand other signatures it might have; so being thoughtful, and we talk about this being thoughtful about evidence preservation is really critical, especially if you get to the point at which you do have a breach that requires notification. And litigation regulatory inquiry ensues, you will have been expected to preserve that evidence and show the chain of custody. Otherwise, you could have allegations of spoliation leveled against your company.

LN: And I’ve seen circumstances too where a legitimate data incident happens and we’re able to get it quickly and identify the impacted individuals. And sometimes it’s just been a few people; in a circumstance like that, it’s much easier to reach out to those individuals, make things right, and resolve the issue. And be able to report to them what happened. It’s much better than having to publish on your website and report to the attorney general that you had some massive data breach. So, not all data incidences are massive data breaches.

KR: That’s true, some of ’em impact you know, one or two individuals, and you may still have an obligation to notify them under the relevant law. But they don’t have to be the big massive breaches. And again, I think the great thing about the Sedona Conference Guide is that it’s, you know, it helps companies navigate small to big breaches. You know, it’s not intended to be the ultimate authority on the law in this area, because the law is ever-changing. But what it does is it helps companies issue spot from a practical perspective so that they know what laws they need to consult, and why and what issues they need to address, like for example, notifying your insurance carrier. One of the big questions we always get is, Well, we’re the victims, here; the company X is a victim of this cyber attack. Who’s going to pay for it?

LN: Yes.

KR: And so, insurance coverage for cyber incidents has is a really hot button issue these days. And so it’s important for companies to know in advance what their policies say, what the notification requirements are. Even if they just have a sniff of an incident – maybe it’s not a breach. So that the third party and first-party costs are covered, and that you’re working with your insurance carrier, and you’re working with your insurance council to ensure that coverage. And to make sure that you’re getting the right information to your insurance carrier about your forensic teams. Are they approved? What rate are they going to be reimbursed? What type of reporting do you have to do from a cost an expense perspective to your insurance carrier? So.

LN: And, it true that if companies use their own internal IT resources to do the investigation, that the insurance carriers usually won’t pay out their own internal resources?

KR: It really depends. It depends on the policy.

KR: It really depends on the policy. There are, in some instances, some policies would cover the first party staffing costs, so for example, if you had to pay staff overtime to work 24 hours a day to try and investigate, you may be able to claim that. But it really depends on your policy. There’s certain.. there’s certainly reimbursement line items for business disruption and business interruption. Or, you know the loss of business, loss profits line items, as a result of ransomware tax. But again, knowing your policy is a critical step in preparing.

LN: Where do you see the benefits of using an outside forensic investigator as opposed to internal IT to investigate when an incident happens?

KR: You know I think it’s two-fold, one, a lot of internal IT teams are taxed as it is with their day to day obligations. And if an incident is one that is medium-high critical, you want to be able to dedicate the resources to the incident to investigate swiftly, and to ensure that there’s no delay. And so pulling in a third-party forensic expert alleviates some of that burden and stress on the IT teams. And then separately and secondly, it also creates a level of objectivity that is.. that benefits the company in the event. Or in the unfortunate event, someone in the IT group may have made a mistake that caused the vulnerability. There’s less likely that that mistake would be covered up. Or there’s going to be more candor from the third party expert, the to management team say like, “Hey, this issue should have been addressed”. And it wasn’t, and now you know what thwarts may be in the event. You have some litigation down the road and you need to defend. But so I would say really sort of time and devotion of resources where needed, and objectivity.

LN: Great, well thanks a bunch for being on this show; this was great.

KR: Absolutely, thank you.

Part 1 of our 3-Part Series on Data Breach

Part 1 of our 3-Part Series

Part 2 0f our 3-Part Series on Data Breach

Part 2 of our 3-Part Series
Data Breach Incident

To Learn More About Sheppard Mullin / Kari Rollins

https://www.sheppardmullin.com/krollins

Securing Data in the Cloud

Secure Cloud Data! Large organizations buy cloud services that provide storage on servers and other devices and connect with computer networking equipment throughout the world. So, how are they securing the data? Experts Lee Neubecker and John Blair say start with knowing what data is being stored.

What steps do organizations need to take when securing data in the Cloud?

The Cloud is digital storage that is physically secured and stored on big servers owned by big companies and made accessible through the internet. These big companies are connected with other computer networking equipment throughout the world. Does this sound too big to secure? Experts say there’s no time like today to understand where your data is stored and how it’s secured.

Today on the “The Lee Show”, Forensic Expert, Lee, and his guest John Blair who is cyber governance and information technology expert, explores the complexities of cloud-based security and storage. John suggests starting with obtaining a holistic inventory of your organization’s data and most of all be aware that some employees bring their own applications and use their own personal device to store organizational data. Check out this video on securing data in the cloud to learn more about cloud storage and cyber risk.

Part 1 of our 2-Part Series on the Securing Data in the Cloud

Part 1 in our 2-Part Series on Securing Data in the Cloud

The Video Transcripts on Securing Data in the Cloud follows

Lee Neubecker: Hi, I’m here today with John Blair. John is a cyber governance and information technology expert. He’s on the show here today with me to talk a little bit about securing your data in the cloud. Thanks for being on the show again, John.

John Blair: Hi Lee, good to be back, thank you.

LN: So we’re talking about cloud cyber risk. What do organizations need to be looking at to help secure their data in the cloud?

JB: I think first and foremost, you need to understand where is all the data and how do people get data in and out of their environment? There’s a lot of things typically called Shadow IT, where certain departments or certain users might you know, for example, start sending things to Dropbox to sync data amongst themselves to make it easier for themselves. But they might be syncing confidential information that’s not on Dropbox and the organization has no idea about it. You know, that scenario plays itself out over and over and over again, where there might be departments that actually use applications in the cloud that thus obviously, are processing data as well that the organization might not know about either. So you need to get an inventory of data. Where is it from a holistic point of view?

LN: And today you have the Bring Your Own Cloud, BYOC,

JB: Yes

LN: Many employees are bringing various apps with them that they’re used to using from their prior employers, and they’re wanting to use these apps. Sometimes they’re putting them on their smartphones and whatnot.

JB: And that’s driving a lot of the corporate action towards that. The cloud for first and foremost is a cost-savings for the most part. But what people are not realizing is that along with those savings comes certain responsibilities. And, from a user perspective, you know, people are used to as you said, people are used to certain applications, they’re used to certain things on their phone, or on a tablet or they’re used to working in a certain way with certain applications. And then you get in a corporate environment and those applications or that way of working might not be available. And so people start voicing that, and it becomes, you know, somewhat of a problem for corporate to adapt and keep up.

LN: So organizations, especially healthcare-related organizations, as well as financial services and other organizations that depend on intellectual property have a real risk here, don’t they with people bringing apps?

JB: They have a very big risk. Both of those sectors are heavily regulated. Data needs to be very tightly controlled. Breach notifications in the event that it happens become a very big deal, very public. And if you can’t explain where the date is, and where you know, who has it, then you have a problem.

LN: So isn’t there also risk not only faster dissemination of intellectual property and trade secrets, but what if the information becomes compromised by malware or a hacker to morph the data or destroy the data?

JB: Yeah, your only recourse at that point is to have really, really good backups. Because otherwise, you have no actionable direction to take. If you don’t have a backup of that data, you know, you have no ability to recover. It still might be considered a breach, a lot of times, and certain organizations or certain regulations. So you still might have to report it, even though the data has never left your organization, the fact you’ve lost control of it might be considered a breach. So that might be something you’d have to consider with your legal teams. But it’s not, it’s still a very big deal because you no longer are able to use it.

LN: So don’t you have a risk though, that if your backup is online, that the attacker could compromise your primary source and then your backup drive attached to your server?

JB: Well, hopefully, they haven’t gotten that far. But if generally speaking, your backups are always in the separate physical location, and not necessarily on the network.

LN: So you rotate them?

JB: and they’re separate, you know, media and things like that, but yeah, if you’ve gotten to the point where they’ve corrupted your database, they’ve encrypted your database, and they’ve also encrypted or destroyed your backups, you’re, in a very bad way.

LN: So knowing that hard drives sometimes fail, if you’re using a physical hard drive to write the data to, what do you think most organizations should be doing to ensure they have a certain number of versions that they can restore to?

JB: Well, normally backup systems are version controlled and so you do backups based on frequency. You do daily, you do hourly, you do you know, on the spot, so there point in time, a lot of times where there’s a lot of people, organizations, that can afford it have failover data centers, for example, that are mimicking the primary data center. So there is no loss of processing. but that’s very, very expensive to do. But yeah, you should definitely have you know, off-site storage of data. But those are all historical, and things that are not necessarily online that you can immediately refer to those lesser compromised to your point. LN: So when you’re considering bringing in a cloud provider to your organization, is it an official, non-shadow ware operation? What are some of the questions you ask of your vendors and things that you look for to help secure, ensuring those cloud providers are secure?

JB: Right. First and foremost, do they have some sort of testations with respect to the services you’re going to use for that provider? Cloud providers have hundreds and hundreds of services, not all of them are audited by an independent auditor, not that that guarantees anything, but at least if it’s the services you’re going to use or the applications you’re going to use. or the locations you’re going to use with that cloud provider, then you have something to point to say, you know, we did our due diligence, and they have these SOC 2’s or whatever form it might take. But you have to do something on them to ensure that, because the cloud is half their responsibility and half of yours, and you have to make sure they’re doing their half.

LN: So what other things do you think that organization should look for if they’re using data in the cloud, how to maximize the security of that data?

JB: First and foremost, I think they need to within their own organization, block these drop boxes and the Google drives and all that sort of stuff like that, so that people individually can’t make you know, downloads for example, from the database and then upload it to Dropbox or Google Drive or whatever, and then go home and look at the same documents. You know, from a personal perspective, that’s very convenient, it’s very nice to have to be able to sync and you know, you can use one, one central source of the information, but from a corporate perspective, that isn’t your data. It’s a corporation’s data. And so, you know, the corporation needs to be responsible and know where that data is going, and how to prevent it ideally, from getting there. It’s very easy to drop, you know, to block Dropbox at a network level, you know, but the problem is that there are hundreds of those types of things to block. And so you know, you need to do a lot more care from a corporate perspective internally to make sure that your users aren’t putting data someplace where you lose control of it.

LN: And are there any, any other things that you’d recommend adopting if you’re going to use these cloud platforms to help ensure that hackers don’t get access to user accounts?

JB: That’s an interesting one because as yours been, you know, almost all those user accounts have been hacked at one point or another. And so the only thing protecting me at this point is a password. I think multi factors in you know, bio authentication type of actions are the only thing you can do to improve your chances of those accounts not being used by inappropriate people. Because the accounts themselves are basically public knowledge, you know. Your, you know, your username is public knowledge, the only thing protecting it is a password.

LN: And so, you know, the multi-factor authentication actually addresses and requires that you have to have three factors. Something you know, something you are, or something you have.

JB: Right.

LN: So, for instance, many people know their password. They might have a thumbprint or they might have their cell phone.

JB: Right.

LN: That is something that they have. So you know, having that second factor makes it less likely that someone can simply get the password and get in.

JB: Right, where they send like to your point the phone, they send a code to your phone, you enter the code into the application–

LN: Exactly.

JB: And then you gain access. Until then you’re simply at the network border.

LN: So on our next video, we’re going to be talking a little bit more about, again about the cloud, cyber risk security and specifically we’ll talk about some of the legal and compliance issues that arise. Thanks for being on the show.

JB: Thanks, Lee. My pleasure.

Other related articles about securing data

National Institute of Standards and Technology on Securing Data in the Cloud

https://www.nist.gov/system/files/documents/itl/cloud/SP_500_293_volumeII.pdf

Academia Data Governance Information

https://www.academia.edu/37900938/Information_Governance_Concepts_Strategies_and_Best_Practices.pdf

Debt Forgiveness with Jacob Meister

“Wipe out court debt!” says Jacob Meister, candidate for the Cook County Clerk of Circuit Court. He has a plan to ease the crushing burden of fines, fees, and forfeitures. Check out this video to learn more about his solutions.

Debt forgiveness is now one of the most popular presidential campaign promises but what does it mean on the local level. What does debt forgiveness mean for the City of Chicago taxpayers?

Enigma Forensics President & CEO Lee Neubecker interviews Jacob Meister, who is running for the office of Cook County Clerk of the Circuit Court. Lee is interested to learn more about what are Jacob’s plans regarding debt forgiveness.

Part 3 of our 4-Part Series on the Cook County Clerk of the Circuit Court, Jacob Meister

Part 3 of our 4-Part Series

Part 3 of our 4-Part Series on Jacob Meister

Lee Neubecker: Hi, I have Jacob Meister back to my show, Jacob thanks for coming.

Jacob Meister: Well, thank you for having me Lee.

LN: Jacob’s running for Cook County Clerk of the court. And we’re going to talk today a little bit about some things that have been trending in the news related to debt forgiveness. From the federal student loan debt, there have been talks about wiping out the debt owned, lots of people are concerned over medical-related debt. But now there’s been some, some calls by one of the candidates running, requesting that we just wipe away the Quartet. And I wanted to get your feedback on what the problem is there, and what do you think the solution is?

JM: Well, for years, I have been an advocate for easing the burden with court fees that are charged to litigants, fines, and forfeitures that go through the clerk’s office. The clerk is required to collect fines, fees, and forfeitures that are implemented usually by statute, or by sometimes by the court rules themselves. But what we see is a tremendous economic cost and social injustice that’s done. So just imagine you’re a single mother who’s been evicted from your apartment or your home. And you in order, you get a summons from the sheriff saying you must appear or you’re going to get a default judgment entered against you. But first, you have to file an appearance and pay a fee. It’s going to be $250 to defend yourself. And if you don’t, you’re going to get defaulted. And this is a crushing burden, you know, single mother, and it can affect that anybody who’s battling an addiction, be it child custody, it could be dealing with a divorce, it could be dealing with any number of things. We need to stop placing a crushing burden on the users of the court systems and make up a system that’s available to everyone.

LN: But who decides what that fee is?

JM: that with that state legislator, and that’s the Supreme Court, and the county board. some of those fees go there too. We have to stop squeezing court users to pay these fees and start paying for it in other ways. But in any event, I have been a supporter of for instance, when people get fines if you have a fine, you know, you would support and post fine and some people can’t pay it and it becomes this burden and you get trapped and sometimes you get imprisoned. Because you can’t pay these fines that you’ve been ordered to by the court. One of the things that we that I worked on in Springfield and we need to expand is allowing people to get credit for community service so that they have if they can’t afford to pay the fines, they have a way that they can provide community service and reduce that fine over time. We have to come up we have to be better about how we handle these things. We know, we have to stop taking away people’s drivers licenses, because they can’t pay their fines because that puts them in a cycle of debt that they can never get out of, because all of a sudden, they can’t drive themselves to work, they lose their jobs.

LN: They can’t get a new job,

JM: they can’t get a new job. Exactly. So we need to ease the burden there. I will continue to work with the folks in Springfield, with the folks in Cook County government, and with the courts. I’ve got very good relations there, And I will work to make sure that social justice is being achieved, and that we’re not putting people in a vicious downward spiral of debt.

LN: So some of the efficiencies you talked about earlier about making the court more efficient. Some of those efficiencies might help to pay for some of this relief on some of the oppressed people that are really being trapped in a cycle.

JM: Absolutely. Absolutely. Absolutely. And that’s the goal is to make sure that our courts are accessible to everyone, that we’re doing justice, and that we’re achieving social justice. We’re not just trapping People in a court system and in burdensome debt.

LN: Well, thanks for being on the show again.

JM: Well, thank you for having me, Lee.

Part 1 of our 4-Part Series on Jacob Meister

Part 2 of our 4-Part Series on Jacob Meister

Part 2 of our 4-Part Series on Jacob Meister, Cook County Clerk of the Circuit Court Candidate

View Jacob Meister’s website

htttp://jacobforclerk.com

To View Internal Related Articles

View Government Debt Forgiveness Programs

https://www.chicago.gov/city/en/depts/fin/supp_info/debt_relief_faqs.html

Prepare for a Data Breach

Don’t fail to prepare for a data breach! Check out what experts Lee Neubecker and Kari Rollins say are the three strategies to prepare for a data breach.

In the famous words of Benjamin Franklin “By failing to prepare, you are preparing to fail.” Forensic Expert Lee Neubecker and Kari Rollins with Sheppard Mullin agree with our Founding Father and warn that a data breach is inevitable, don’t fail to be prepared!

In her practice, Kari focuses on data privacy, data security and data breach preparedness. Together, they discuss two basic strategies to help you prepare for a data breach; understanding what data you have, where that data resides. Check out our video with transcripts to learn more on how to prepare for a data breach.

Part 2 of our 3-Part Series on Data Breach

The Video Transcripts of How to Prepare for a Data Breach Follows

Lee Neubecker: Hi, I’m back on the show again with Kari Rollins. Thanks for coming back again.

Kari Rollins: Thank you.

LN: We’re continuing our discussion about the Sedona Conference Data Incident Response Guide and some of the best practices of how to prepare for the inevitable data breach and what you should be doing beforehand. So Kari, can you tell me what some of the things are that you advise your clients to do in anticipation of a potential issue?

KR: Sure, and I think planning, in our view, is just as important as the actual response itself and how you investigate. And in the Sedona Response Guide, we’ve pulled together some suggestions for sort of two elements of planning. One is the more technical, understanding what data you have, where that data resides, what your network systems are so that when you do have an incident, and you have to understand what information may have been impacted, to understand whether you have a legal obligation to notify, you have a better understanding and a better map of what those systems are and the information they hold. And a lot of times, using not just counsel and conducting that analysis, but using third party forensic firms to come in and help with that data mapping process is a really important step in getting prepared to understand where are all of the jewels of the company lying within the systems to know what the type of critical impact could be if one of those systems is hit.

LN: And some of the problems I’ve seen is, oftentimes the documents that are distributed and given to legally become outdated, so this is something really that organizations should be periodically updating their network data map and actually using either consultants or tools to help them map out what devices exist on their network.

KR: Right, exactly. And to that point, too, understanding what contracts with those vendors control here. Especially in the event, you have an incident that impacts the system that is managed by a vendor, do you know what information is being controlled by that vendor, and how you all are going to liaise when that incident occurs, who’s going to take control, what the contractual obligations are? Because vendor management is a hot-button issue these days. The FCC itself just came down with a number of guidelines and best practices for vendor management, so being prepared in that sense, knowing where your data is, who your vendors are, who controls it is really important.

LN: Exactly, and I can’t stress enough, it’s important, too, that companies have offline backups of their data because if you have a storage mass go down suddenly, if your company doesn’t have offline documents that describe what the drive geometry for that raid array is, the ability to recover the data becomes compromised and if a hacker gets in and takes out a storage network and the documentation for how to rebuild that storage network is on that drive, that could cause a real problem.

KR: Absolutely.

LN: Do you see that this guide is applicable to companies that are concerned about cryptolocker type malware as well?

KR: Sure, I think this Incident Response Guide can help guide companies through any type of incident, whether it’s a ransomware attack, where their information is being withheld from them, whether for ransom or for other purposes, it could just be useful in investigating the so often seen phishing attacks that seek to attack the email accounts of employees and then further perpetrate other credential harvesting schemes. So it’s useful in the sense that it helps companies prepare for any of those types of attacks. And it does so by helping them with the data mapping, giving them some guidelines on that front. And then also helping them to craft an incident response plan, which I think it’s just as you were talking about, being prepared here with an incident response plan is also the other critical component of preparation and it’s not a one-size-fits-all for the companies. You can’t just, there aren’t these stock-standard off-the-shelf policies that you can then apply because each company has different data systems, and different requirements, and different teams. But this guide provides you with resources and guideposts for how you build that plan that makes sense in the context of your company.

LN: Exactly, and depending on where the company operates, if they operate in Illinois, they might be subject to BIPA, the Illinois Biometric Information Protection Act, which has a whole host of unique requirements. So in our next segment, we’ll be talking more about what should be done after a data incident arises. Just because it’s an incident, does not mean it’s a data breach, but there are certain things you want to do, like have your team in place beforehand. But before we leave, what are your recommendations and what does Sedona say about forming a team to be able to respond in advance of an incident?

KR: I think that is probably one of the most critical elements of an incident response plan is really just knowing who your team is going to be. Who are the individuals that you are going to call when an incident occurs and building that team, it’s important to have the right buy-in? Legal, of course, is extremely important because you want to be able to conduct the investigation under privilege, and in a fashion that gets the facts to your legal counsel in a timely and expedient manner so that you can understand the point at which you have information that suggests you’ve had a breach as defined by law. Because the point at which you learn you’ve had a breach is defined by law as to when your clock starts ticking for notification and that’s in some jurisdictions, that’s a really tight turnaround. So in the incident response plan, in the Sedona Conference Instant Response Guide, we talk about having that team. Having the information security teams, knowing who your third-party experts are going to be if you need third party support to come in and investigate, knowing who your crisis management team from a PR perspective would be. So having all of those individuals listed, with the contact information in the back of your plan so you know who to call, sort of the Ghostbusters, but the privacy busters of an incident, who are you going to call when you get an incident. So I think that’s most important because having the right people mobilized is going to save you time in the end.

LN: It’s important, too, that especially with your forensic experts, you want to make sure you’re working with experienced people that understand the sensitivity around email because as you investigate incidents, your initial impression of what happened or what is going on might change as you learn new information, so it’s important not to begin with the word data breach when you don’t know if it’s a true data breach. Because sometimes, an organization has a security incident but there’s no proof that any data actually exfiltrated or that it was used in any way, so that’s part of at least during that response that we’ll talk about next, those are part of the issues that need to be investigated, but being sensitive to that and making sure that privilege is in place and communications is definitely important.

KR: Yeah, exactly.

LN: Well, thanks and tune in to our next segment where we talk about what to do after the inevitable data breach.

KR: Right.

View Part 1 of our 3-Part Series on Data Breach

Related Articles on How to Prepare for a Data Breach

Prepare for a Data Breach, Secure Your Supply Chain

Learn More About How to Prepare for a Data Breach. Check out Kari Rollins

https://www.sheppardmullin.com/krollins

More About Sedona Conference Data Breach Guide

https://thesedonaconference.org/search/node/data%20breach%20guide