The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary....

Mary N. Chaney, Esq., CISSP, CIPP/US is a former Special Agent for the FBI where she investigated cybercrime, a seasoned corporate executive that built and operated information security teams and now a cybersecurity attorney.

As a self-described “Breach Whisperer” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to help support, translate and advise, Boards of Directors, CIO's, CISO's and General Counsel's on how to legally protect their company from cyber related risk.

Blog Entries


 

Everything Rolls Down Hill.... Including Cybersecurity Attacks

See Article Here

Any cyber security professional will tell you; you don’t have to be the BEST; you just have to be BETTER than the person behind you! Hackers…. especially the non-state sponsored type, attack the weakest link. Attacking network infrastructure through brute force, DoS/DDoS, Man in the Middle, SQL injection etc. are still treats but most Fortune 500 companies have protections against such attacks and can recover quicker. So, thinking as a criminal, what’s easier to attack? The nationally recognized bank or the local school district? In reality if all I want to do is collect names, addresses, Social Security Account Numbers (SSAN) to commit some sort of identity or medical fraud, there is really no difference between an adult and a child as long as the information matches and can be used to commit the underlying crime.

I am here to tell you there are only a few places that have my children’s SSANs and one of them is the school district. I am also aware of the fact that many school districts do not have the training or resources to protect the data that they are entrusted with, which is probably why I have credit monitoring on my kids as well.

The challenge, as with parenting, it takes a village! School districts need to partner with security and privacy professionals and vendors to pass along the knowledge to create more educated youth. It is fair to note that approximately 67% of millennials have never taken a high school cybersecurity class. The opportunities are there we just have to roll with gravity.