The importance of the Domain Name System (DNS) to your organization’s cybersecurity cannot be understated. Communications between your organization’s computers and the Internet (web, email, and file server traffic) depend on DNS to get to their intended destinations. Man in the Middle DNS attacks, DNS hijacking, DNS denial of service attacks and backdoor command and control malware/data exfiltration using DNS can be devastating. Malicious employees and other insiders may abuse DNS. Loss of critical business information, data breach of protected information, reputational harm and collateral damage to your business partners/customers may result in long-lasting effects. HIPAA, the Gramm Leach Bliley Act, the GDPR and State cybersecurity laws and regulations, including California, Massachusetts, New York (DFS), and Colorado require covered organizations to consider risks to DNS as part of an overall risk assessment and implement reasonable administrative, technical, and physical safeguards. This webinar will discuss how to anticipate, prevent, and respond to attacks on your organization’s DNS systems and comply with applicable legal requirements.
The program is presented by Brian Cesaratto, an attorney in Epstein Becker Green’s Privacy, Cybersecurity and Data Asset Management practice. He is a Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH).
Brian G. Cesaratto is a Member of the Firm in the Litigation and Employment, Labor & Workforce Management practices, in the New York office of Epstein Becker Green. His practice focuses on cybersecurity and data privacy, computer and electronic data misappropriation, breach and forensics, technology and software licensing, internal and law enforcement investigations, and litigation.
Mr. Cesaratto is a Certified Information Systems Security Professional (CISSP). He was awarded this information technology security audit certification by the International Information Systems Security Certification Consortium (see www.isc2.org). He is a Certified Ethical Hacker (CEH), a certification awarded by EC-Council, the world's largest cyber security technical certification body. He is also a Certified CSF Practitioner, a designation given by the Health Information Trust Alliance (HITRUST), an organization that provides training to develop and maintain effective security programs for health care, life sciences, and other companies that comply with security laws, regulations, and standards, including HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, GDPR, and various other federal, state, and business requirements (including New York State Department of Financial Services cybersecurity regulations).
In his practice, Mr. Cesaratto has:
Mr. Cesaratto draws on a diverse legal background that includes private practice with national law firms, lengthy solo practice, and serving as an Assistant District Attorney in Bronx County, New York, where he directed investigations into financial fraud, identity theft, theft of intellectual property, credit card fraud, and consumer fraud. In addition to his CISSP and CEH certifications, he has completed extensive training courses in computer forensics software, including recovery of deleted electronic documents and indicia of unauthorized data transfer.
Great write up on the regulations,... this will be a great resource. Thank you.