Mark Rasch Mark Rasch is a lawyer and computer security and privacy expert in Bethesda, Maryland. where he helps develop strategy and messaging for the Information Security team.
Rasch’s career spans more than 35 years of corporate and government cybersecurity, computer privacy, regulatory compliance, computer forensics and incident response. He is trained as a lawyer and was the Chief Security Evangelist for Verizon Enterprise Solutions (VES). He is recognized author of numerous security- and privacy-related articles. Prior to joining Verizon, he taught courses in cybersecurity, law, policy and technology at various colleges and Universities including the University of Maryland, George Mason University, Georgetown University, and the American University School of law and was active with the American Bar Association’s Privacy and Cybersecurity Committees and the Computers, Freedom and Privacy Conference.
Rasch had worked as cyberlaw editor for SecurityCurrent.com, as Chief Privacy Officer for SAIC, and as Director or Managing Director at various information security consulting companies, including CSC, FTI Consulting, Solutionary, Predictive Systems, and Global Integrity Corp.
Earlier in his career, Rasch was with the U.S. Department of Justice where he led the department’s efforts to investigate and prosecute cyber and high-technology crime, starting the computer crime unit within the Criminal Division’s Fraud Section, efforts which eventually led to the creation of the Computer Crime and Intellectual Property Section of the Criminal Division. He was responsible for various high-profile computer crime prosecutions, including Kevin Mitnick, Kevin Poulsen and Robert Tappan Morris.
Prior to joining Verizon, Mark was a frequent commentator in the media on issues related to information security, appearing on BBC, CBC, Fox News, CNN, NBC News, ABC News, the New York Times, the Wall Street Journal and many other outlets.
Mark Rasch
NY Courts: Who is Liable When Cryptocurrency is Stolen?
One of the great things about the blockchain and cryptocurrency is the fact that it operates outside the commercial banking system. Unfortunately, this means that when cryptocurrency is stolen (or, more accurately, when it is transferred without the consent of the account holder), account holders are often left without any ... Read More
Security Boulevard
Will SEC Cybersecurity Regulations Make a Difference?
The SEC's rules aim to ensure that Investors evaluating a company can meaningfully assess that company’s cybersecurity standing ... Read More
Security Boulevard
Identity Crisis: Supreme Court Rules on ‘Identity Theft’ Penalty Enhancement
The Supreme Court attempted to define what it means to “use” without lawful authority “a means of identification” of another person ... Read More
Security Boulevard
Netflix: Is Password-Sharing a Crime?
On May 25, 2023 streaming content provider Netflix began enforcing its policy prohibiting the sharing of Netflix accounts even among family members who are not members of the same “household”—meaning living together in the same house. It was always Netflix’s policy to prohibit such account and password sharing—it’s just that ... Read More
Security Boulevard
A New Ransomware Scam: Fraud by the Incident Responders
In February 2018, Oxford Biomedica, a large biological research company in Oxford, UK, was hit by a ransomware attack. The hackers were demanding more than £300,000 in ransom. Oxford invoked its incident response plan and called in its team. One member of Oxford’s internal incident response team, Ashley Liles, had ... Read More
Security Boulevard
Are Internet Providers ‘Aiding and Abetting’ Crimes?
The internet was on tenterhooks over the question of whether the U.S. Supreme Court would find that online providers like Google, Facebook and others could continue to enjoy protection under the Communications Decency Act Section 230 for the statements and actions of users of their site. In particular, the Supreme ... Read More
Security Boulevard
Failure to Pay Ransom: Negligence?
Lehigh Valley Health Network is a health care network based in Allentown, Pennsylvania that serves the eastern and northeastern part of the state. On February 6, 2023, LVHN was hit with a combination ransomware/extortionware attack. Attackers from the hacker group ALPHV (aka BlackCat) obtained sensitive medical photographs of LVHN patients ... Read More
Security Boulevard
Federal Appellate Court Approves ‘Pretext’ Border Search
Mark Rasch | | border searches, Data Security, Espionage, insider threats, national security, Privacy, trade secrets
For almost nine years, Chinese national and U.S. resident Haitao Xiang had been employed by the Monsanto company in St. Louis, Missouri, as a research application engineer specializing in hyperspectral imaging technology. As with most jobs of this type, Xiang had signed a non-disclosure and confidentiality agreement with his employer, ... Read More
Security Boulevard
Federal Court Dismisses FTC Location Privacy Lawsuit
Geolocation data is among the most sensitive personal data. Marketers can use this data to determine what you are likely to buy, how much you are likely to spend and where you are likely to shop. The Federal Trade Commission (FTC) sued an online geolocation data broker for unfairly selling ... Read More
Security Boulevard
War, Hunh. Yeah. What is it Good For? Reducing Insurer Liability for Cyberattacks
A New Jersey court recently ruled that an insurer was not relieved from its obligation to pay for Merck’s losses after a Russian NotPetya cyberattack. The insurer claimed its ‘Act of War’ exclusion applied to the company’s cyberinsurance policy; the court disagreed. The rise of cyberattacks has led to a ... Read More
Security Boulevard