Brad and I hope you had a wonderful Thanksgiving holiday! We have so many things to be thankful for, including our faith, our families, our work families (FRSecure and SecurityStudio), our friends, our partners, our clients, and last, but not least, our UNSECURITY Podcast listeners!
Our listeners make our podcast worthwhile.
If you missed last week, we introduced you to one of the most amazing 15 year-old kids you’ll ever meet, Zoe Bundy. She’s an all around awesome gal, and the founder of Brainy Ladies. Give it a listen. You won’t be disappointed!
This week we welcome another special guest, Justin Webb. Justin is a “Data Privacy & Cybersecurity Attorney / Chief Information Security Officer at Godfrey & Kahn, S.C.”. We’re going to talk to Justin about all sorts of legal information security and privacy stuff. It’ll be like 30-40 minutes of free legal advice (sort of)!
I’m (Evan) leading the show this week, and here are my notes.
SHOW NOTES – Episode 56
Date: Monday, December 2nd, 2019
Our topics this week:
- Introducing Justin Webb
- Who is Justin Webb?
- Target vs. Chubb
- The California Consumer Privacy Act (CCPA)
- China’s Cryptography Law
- New Show Format (reminder)
[Evan] Welcome back! Unless you’re lost, you know this is the UNSECURITY Podcast. This is episode 56, and I’m Evan Francen, your host. The date is December 2nd, and joining me is my buddy Brad Nigh. Sup Brad?
[Brad] Shares some of the simple things in life.
[Evan] How was your Thanksgiving holiday?
[Brad] Great, duh!
[Evan] We have another awesome show planned today! A couple of weeks ago, I read a news story about Target suing Chubb, their insurance provider, about claims related to the infamous Target breach of 2013. Here we are, six years later, and the fallout continues.
People who know my past, know that I spent twenty-one months consulting the Special Litigation Committee (SLC) of Target Corporation’s Board of Directors who addressed the derivative claims
arising out of the December 2013 data breach. I mention this only because I’m still obligated to maintain confidentiality from this work, and for perspective. I was privileged to see almost everything about this breach, or at least it seemed that way.
So, I read the news about this lawsuit, and I figured I’d reach out to my favorite cyber-insurance guy, David Kruse and get his take. David introduced me to this cool cat, Justin Webb, an information security stud and data privacy attorney with Godfrey & Kahn, a leading law firm out of Milwaukee, Wisconsin.
[Justin] Justin does Justin.
[Evan] I’m sort of looking at this like we get 30 minutes or so of free legal advice. Right?
[Justin] Probably not right, but whatever.
[Evan] We’re very excited to have you join us Justin!
Discussion with Justin
- Who is Justin Webb?
- Target vs. Chubb, references:
- Target sues insurer over 2013 data breach claims – https://www.bizjournals.com/twincities/news/2019/11/21/target-sues-insurer-over-2013-data-breach-claims.html
- Target files $74 million suit against Chubb over breach coverage – https://www.scmagazine.com/home/security-news/legal-security-news/target-files-74-million-suit-against-chubb-over-breach-coverage/
- Target sues Chubb in connection with 2013 data breach – https://www.businessinsurance.com/article/20191118/NEWS06/912331718/Target-sues-Chubb-in-connection-with-2013-data-breach
- Law360 – https://www.law360.com/dockets/download/5dcf0a12acb2610253332746?doc_url=https%3A%2F%2Fecf.mnd.uscourts.gov%2Fdoc1%2F10118049648&label=Case+Filing
- The California Consumer Privacy Act (CCPA), references:
- California Consumer Privacy Act (CCPA) – https://oag.ca.gov/privacy/ccpa
- California Consumer Privacy Act (CCPA): What you need to know to be compliant – https://www.csoonline.com/article/3292578/california-consumer-privacy-act-what-you-need-to-know-to-be-compliant.html
- China’s Cryptography Law – https://www.gatestoneinstitute.org/15230/china-adopts-malicious-cybersecurity-rules
[Evan] Good stuff! Legalling is exhausting. Thank you Justin for providing your insight and advice!
New Show Format Discussion (reminder)
[Evan] Just a quick reminder about the upcoming new addition to the show, starting after the first of the year. We’re devoting ten minutes of each show to anyone who’s looking for a job in the information security industry. Email us at email@example.com if you want your slot! We’ll respond to you on a first come, first serve basis.
We’ve already received some emails, which is super cool!
If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.
If you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.
OK, now some news…
[Evan] Alright, what the heck happened this last week? Let’s see…
- Don’t Buy Anyone a Ring Camera – https://gizmodo.com/dont-buy-anyone-a-ring-camera-1840070640
- Amazon Plans Ring Facial Recognition-Based ‘Watch List’, Report – https://threatpost.com/amazon-ring-facial-recognition-watch-list/150681/
- Black Friday, Cyber Monday scams are on the loose, businesses need to prepare – https://www.scmagazine.com/home/retail/black-friday-cyber-monday-scams-are-on-the-loose-businesses-need-to-prepare/
[Evan] That’s it. Episode 56 is a wrap. Thank you to Justin Webb for joining us and for sharing your perspective.
Thank you to our listeners! Keep the questions and feedback coming. We’re still a little behind on responding right now, so please be patient with us. We love your feedback. Send things to us by email at firstname.lastname@example.org. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh. Justin, how do you want people to socialize with you?
That’s it! Talk to you all again next week!