TEMVI Cybersecurity

01/10/2022

If your company is in the midst of implementing new changes, transforming, merging, evaluating best practices or deploying a new electronic records management system, it is important to begin the process of shoring up your legal and technology defenses against a potential cyberattack NOW!

Instead of waiting until you've already implemented changes, we believe you get the greatest value from improving cybersecurity management while you are in the process of transforming. Note the following cybersecurity article from Lawfare, a lawyer blog that agrees with this idea:

"Mergers and acquisitions. The cybersecurity attorney working for a growing company must be cognizant of the risks associated with mergers, acquisitions and divestitures. Prior to a merger or an acquisition, the cybersecurity attorney should evaluate the potential addition for cyber risks, as well as its practices in stewarding data. As the organizations are merged or one is acquired, cybersecurity best practices should be adopted and shared—with any necessary training provided to employees—throughout the whole organization. This process should go beyond dictating that one organization’s practices be applied to the acquired or merged organization. Rather, policies, practices and procedures should be assessed to see what fits best."

https://www.lawfareblog.com/what-cybersecurity-legal-practice

Please note in the link below our highly qualified attorneys, healthcare experts and technology professionals who form our cybersecurity team that will evaluate and make recommendations to improve management of cybersecurity in your organization:

https://www.temvi-information.com/team

We are one of the few firms that have combined cybersecurity expertise from both a technology and legal perspective. We are experts in both areas and have integrated the two to great effectiveness.

Some considerations for companies looking to build out a cybersecurity legal practice.

11/17/2021

Healthcare providers should be aware of this case in which a woman sued a hospital and doctors for proceeding to deliver her baby in the midst of a cyber attack that the suit claims resulted in diminished care. The baby died earlier this year.

This is an example of the type of potential liability doctors, medical practices and hospitals are exposed to in the wake of an increase in cyber attacks on healthcare systems. Our services will help you avoid such liability.

This article explain how hospitals can be affected by ransomware attack which may pose a serious danger to the very existence of the health care provider.

11/11/2021

This is an example of the legal risks that CEOs and board members face from cyber attacks when they do not exercise the required due diligence as fiduciary leaders and owners of their IT systems. Not only can your company be held liable for damages from cyber attacks. You can also be held personally liable, both civilly and criminally.

SolarWinds Corp. investors have sued the software company's directors, alleging they knew about and failed to monitor cybersecurity risks to the company

11/09/2021

Black Cybersecurity involves the evaluation of vulnerabilities and threats to African American enterprises using traditional cybersecurity principles with an eye toward the unique value of these institutions and to the unique threats that they face. Black Cybersecurity matters to all allies of the African American community who appreciate the unique role that these institutions play in American society, their immeasurable value and the unique vulnerabilities to which they are exposed.

Black Cybersecurity involves the evaluation of vulnerabilities and threats to African American enterprises using traditional cybersecurity principles with an eye toward the unique value of these institutions and to the unique threats that they face. Black Cybersecurity also matters to all allies of....

11/08/2021

Healthcare Providers Are Uniquely Vulnerable to Cyberattacks

The extremely high value of medical and health care-related records (e.g. patient treatment records, insurance records, prescriptions related to controlled substances, Medicare and Medicaid records etc.) in the criminal underworld makes hospitals and healthcare systems uniquely vulnerable to cyber a...

09/17/2021

Why Does the CEO Need to Take Control of Cybersecurity?

Your CEO and board of directors are the legal owners of your IT systems. They are legally accountable for cybersecurity. They are accountable to parties that share confidential information with you. This includes:

-Customers
-Shareholders
-Investors
-Patients
-Joint Venture Partners
-Limited and General partners
-ERISA employees and others who entrust data with your firm

09/16/2021

How Does TEMVI Help CEOs and Board Members?

TEMVI helps CEOs and board members understand their legal duties around cyber security and teaches them how to manage the senior executive team according to recognized cybersecurity models. Our counsel helps CEOs protect:

-Assets from cyber-related legal claims

-Personal and professional reputation

-Freedom from civil and criminal liability

-Insurance claims and insurability around cyber incidents

09/15/2021

How is TEMVI Different From My Current IT Cybersecurity Provider

In our experience, your IT provider is likely doing an adequate job. However, most CEOs and boards would be hard pressed to explain why or what they are doing. IT and cybersecurity are--in many ways--a "black box". In most cases, CEOs and boards are trusting their IT team. However, your IT provider is neither qualified nor legally permitted to offer legal opinions on issues like legal cyber risk and liability. Nor should your IT team evaluate their own work.

Unlike IT operations, flaws in cyber security are invisible to system users. You will only know that your trust was misplaced after an attack. The worst part is that following an attack the IT team simply moves on to another job. The CEO and board of directors will be left to grapple with the consequences of the cyber attack.

TEMVI provides leaders with:

A legally reliable legal opinion on cyber risk based on established cyber security standards of care and applicable law
Direct advice to the CEO and Board
Advice at reasonable, fixed fees that are proportional to your organization's revenues

09/15/2021

How is TEMVI Different From My Current IT Cybersecurity Provider

In our experience, your IT provider is likely doing an adequate job. However, most CEOs and boards would be hard pressed to explain why or what they are doing. IT and cybersecurity are--in many ways--a "black box". In most cases, CEOs and boards are trusting their IT team. However, your IT provider is neither qualified nor legally permitted to offer legal opinions on issues like legal cyber risk and liability. Nor should your IT team evaluate their own work. Unlike IT operations, flaws in cyber security are invisible to system users. You will only know that your trust was misplaced after an attack. The worst part is that following an attack the IT team simply moves on to another job. The CEO and board of directors will be left to grapple with the consequences of the cyber attack.

TEMVI provides leaders with:

-A legally reliable legal opinion on cyber risk based on established cyber security standards of care and applicable law
-Direct advice to the CEO and Board
-Advice at reasonable, fixed fees that are proportional to your organization's revenues

09/15/2021

Not that this has been identified as a racailly-motivated incident, but Black organizations do face a particular threat from cyber attacks from those who wish to push a racist agenda.

"Howard University has canceled classes on Tuesday and shut down campus WiFi due to a ransomware cyberattack that hit their network, according to a letter sent out to the school community.

The institution's information technology team is actively investigating the activity and has shut down all networks, officials said in the letter. The school is also working with the FBI and D.C. city government officials to get a clear understanding of what happened.

The school said Enterprise Technology Services and their entities are working to urgently fix the issue. It is still unknown when the system will be restored and school officials have reiterated that, "after an incident of this kind, is a long haul – not an overnight solution."

School officials said as of Tuesday morning, they do not have evidence that personal information has been retrieved. They are still looking to determine what was exactly accessed. In the meantime, the school is installing additional safety measures to protect personal data."

https://www.wusa9.com/article/news/local/dc/howard-university-ransomware-cyberattack/65-15b329bf-f4f4-430a-aae7-4003df9cea89?fbclid=IwAR3KrenTFJ0kUV5HLYeIIYavay-iRNVZEyC7UbjvUTLjDsIlCGfPu-T7mtg

All online and hybrid undergraduate courses remain suspended Wednesday, according to school officials.

09/15/2021

CEOs must take control of cybersecurity to avoid civil and criminal liability from cyber attacks.

Why Does the CEO Need to Take Control of Cybersecurity?

Your CEO and board of directors are the legal owners of your IT systems. They are legally accountable for cybersecurity. They are accountable to parties that share confidential information with you. This includes:

Customers
Shareholders
Investors
Patients
Joint Venture Partners
Limited and General partners
ERISA employees and others who entrust data with your firm.