The Justice Insiders: Giving Outsiders an Insider Perspective on Government

Human Beings: Cybersecurity’s Most Fragile Attack Surface

Episode Summary

Host Gregg N. Sofer welcomes Husch Blackwell’s Erik Dullea to the podcast to explore how human error factors into cybersecurity efforts. Most data breaches trace back to some form of human error, and an approach to cybersecurity that doesn’t address the ‘social attack surface’ is likely to be a failing—and expensive—proposition. Gregg and Erik note the recent cyber incident involving the Securities and Exchange Commission, which occurred mere months after the agency imposed wide-reaching cybersecurity disclosure rules on the public companies it regulates. Aside from being a major embarrassment for the U.S. government, the incident highlights how difficult it is to account for the vulnerabilities in digital networks created by humans, and Gregg and Erik provide some practical considerations for risk professionals, in-house counsel, human resource professionals, and others in their efforts to improve cybersecurity outcomes.

Episode Notes

Gregg N. Sofer Biography

Gregg counsels businesses and individuals in connection with a range of criminal, civil and regulatory matters, including government investigations, internal investigations, litigation, export control, sanctions, and regulatory compliance. Prior to entering private practice, Gregg served as the United States Attorney for the Western District of Texas—one of the largest and busiest United States Attorney’s Offices in the country—where he supervised more than 300 employees handling a diverse caseload, including matters involving complex white-collar crime, government contract fraud, national security, cyber-crimes, public corruption, money laundering, export violations, trade secrets, tax, large-scale drug and human trafficking, immigration, child exploitation and violent crime.

Erik Dullea Biography

Erik is a Denver-based partner at Husch Blackwell and heads up the firm’s cybersecurity practice. A retired U.S. Navy Captain, Erik focuses on compliance requirements related to cybersecurity and data privacy, including statutory, regulatory, and consensus-based standards, with an emphasis on critical infrastructure sectors such as aviation, energy, mining, and the Defense Industrial Base (DIB). He represents defense contractors and subcontractors; companies underpinning electrical, healthcare, transportation, and water systems; and other major organizations facing extortion threats from malicious foreign cyber actors. In 2022 and 2023, Erik bolstered his knowledge of cyber threats by returning to public service in a civilian capacity, working in the National Security Agency’s Office of General Counsel as the acting deputy chief of the cybersecurity practice group. 

Additional Resources

The Justice Insiders, Episode 17, “Incidents in the Material World: SEC Adopts New Cybersecurity Rules.” September 11, 2023

Steven R. Barrett, Robert J. Joseph, Andrew Spector, Robert Fritsche and Brian Wetzstein. “SEC Heightens Issuers’ Cybersecurity Disclosure Requirements,” August 15, 2023

Erik Dullea and Andrew Spector. “Twelve Planning Tips to Avoid Complications with the SEC’s Cybersecurity Disclosure Rules,” August 2023 (Parts 1, 2 and 3)

U.S. Securities and Exchange Commission. “Statement on Unauthorized Access to the SEC’s @SECGov X.com Account.” January 12, 2024

Shapero, Julia. “SEC, Gensler face bipartisan backlash over X account hack.” The Hill, January 18, 2024.