Mark Rasch

Mark Rasch is a lawyer and computer security and privacy expert in Bethesda, Maryland. where he helps develop strategy and messaging for the Information Security team. Rasch’s career spans more than 35 years of corporate and government cybersecurity, computer privacy, regulatory compliance, computer forensics and incident response. He is trained as a lawyer and was the Chief Security Evangelist for Verizon Enterprise Solutions (VES). He is recognized author of numerous security- and privacy-related articles. Prior to joining Verizon, he taught courses in cybersecurity, law, policy and technology at various colleges and Universities including the University of Maryland, George Mason University, Georgetown University, and the American University School of law and was active with the American Bar Association’s Privacy and Cybersecurity Committees and the Computers, Freedom and Privacy Conference. Rasch had worked as cyberlaw editor for SecurityCurrent.com, as Chief Privacy Officer for SAIC, and as Director or Managing Director at various information security consulting companies, including CSC, FTI Consulting, Solutionary, Predictive Systems, and Global Integrity Corp. Earlier in his career, Rasch was with the U.S. Department of Justice where he led the department’s efforts to investigate and prosecute cyber and high-technology crime, starting the computer crime unit within the Criminal Division’s Fraud Section, efforts which eventually led to the creation of the Computer Crime and Intellectual Property Section of the Criminal Division. He was responsible for various high-profile computer crime prosecutions, including Kevin Mitnick, Kevin Poulsen and Robert Tappan Morris. Prior to joining Verizon, Mark was a frequent commentator in the media on issues related to information security, appearing on BBC, CBC, Fox News, CNN, NBC News, ABC News, the New York Times, the Wall Street Journal and many other outlets.

MFA, security, Google Cloud, Oasis, MFA, Telegram cybercrime phishing

Google Cloud’s Multi-Factor Authentication Mandate: Setting a Standard or Creating an Illusion of Security?

Mark Rasch | February 21, 2025 | Cybersecurity, google cloud, industry standards, MFA

Google Cloud recently announced that it will require all users to adopt multi-factor authentication (MFA) by the end of 2025, joining other major cloud providers like Amazon Web Services (AWS) and Microsoft Azure in mandating this critical security measure ... Read More

Security Boulevard

truth, meta, fake, true, facts, truth, lies,

Facts, Schmacts – Meta Joins X in Ceasing Content Moderation

Mark Rasch | February 18, 2025 | facts, lies, Meta, Misinformation, Truth

On January 6, 2025, Meta, formerly known as Facebook, formally announced that it would cease its “fact-checking” operations, and allow the internet itself, through comments posted, to be the final arbiter of what is true and false ... Read More

Security Boulevard

Trump, AI, enemies, CISA, security,trump, states, infrastructure, PCLOB, president, Donald John Trump, President of the U.S.

In Defense of Oversight – The President and the PCLOB

Mark Rasch | February 12, 2025 | civil liberty, Congress, independent watchdogs, PCLOB, President

In late January 2025, President Trump fired the Democratically (big D) appointed members of the Privacy and Civil Liberties Oversight Board (PCLOB), an independent watchdog entity designed to provide input and oversight to the Intelligence Community (IC) ... Read More

Security Boulevard

UK, apple, ‘Union Jack’ bunting in Balham after the Queen’s Platinum Jubilee celebrations, June 2022

Hey, UK, Get Off of My Cloud

Mark Rasch | February 10, 2025 | cloud access, Compliance, EU law, uk

The United Kingdom has made a bold demand to Apple, purporting to require the company to create a backdoor to access encrypted cloud backups of all users worldwide ... Read More

Security Boulevard

Supreme Court Ruling May Question FTC Authority to Regulate Privacy and Security

Mark Rasch | September 27, 2024 | Data Privacy, FTC

While the FTC has been a pivotal player in advancing data privacy and security standards, the evolving legal landscape underscores the need for clearer statutory guidance ... Read More

Security Boulevard

An Unexamined Life – Virginia Court Strikes Down Automated License Plate Readers (ALPRs)

Mark Rasch | September 27, 2024 | ALPRs, privacy laws

Enter ALPR’s. Automated License Plate Readers have been a boon to law enforcement agencies and a bane to privacy advocates ... Read More

Security Boulevard

congress, banks, banking, phishing, fraud,

See No Evil – NY AG Letitia James Cracks Down on Banks Refusing to Foot the Bill for Consumer Phishing and Fraud

Mark Rasch | September 27, 2024 | #banks, Congress, Fraud, Phishing

Congress decided who was required to compensate for fraudulent consumer transactions, and banks should never require their customers to waive their rights as a condition precedent for the bank doing its job ... Read More

Security Boulevard

The Return of the Laptop From Hell

Mark Rasch | September 27, 2024 | access, Biden, Data Privacy, Laptop

California court refuses to dismiss computer crime charges against an entity that analyzed Hunter Biden’s laptop ... Read More

Security Boulevard

compliance,data, governance, framework, companies, privacy, databases, AWS, UnitedHealth ransomware health care UnitedHealth CISO

How the Promise of AI Will Be a Nightmare for Data Privacy

Mark Rasch | September 27, 2024 | AI, Data Privacy, LAMs, LLMs

But as we start delegating LLMs and LAMs the authority to act on our behalf (our personal avatars), we create a true data privacy nightmare ... Read More

Security Boulevard