Medium, large, supersize... even fast food meals come in different sizes. After all, we want to be able to choose what is right for us and what meets our specific needs. Legal representation for cybersecurity incidents is no different. It should be customized to fit each client’s particular situation, addressing the nuances of the event and ensuring that the response is proportionate. There is no one size fits all approach to legal notification, especially where consumers or clients need to be informed.
Read more »Tag: cybersecurity
-
Legal Notification – One Size Does Not Fit All Posted on: May 21, 2021 In: Data Privacy & Cybersecurity
-
Top Tips to Prevent or Reduce the Impact of Cyber Incidents in Mergers & Acquisitions Posted on: May 13, 2021 In: Data Privacy & Cybersecurity
Selling and purchasing a business presents many challenges for both the seller and the buyer, but it’s important that data privacy and cybersecurity concerns aren’t lost in the due diligence process. In an increasingly digitized world, all businesses, big or small, face data privacy challenges that further complicate the process. Here are our top tips for smaller businesses to reduce the chances of data privacy issues arising during the sale or purchase of a business.
Read more »
-
Expect the Best, but Prepare for the Worst: 5 Practical Steps to Take Before a Ransomware Attack Posted on: April 22, 2021 In: Data Privacy & Cybersecurity
Last month, we wrote about steps to take after experiencing a ransomware event. This month, as ransomware events continue to grow in number and severity, we now share the following five practical tips to implement before a ransomware event. These tips should help you bolster your defenses and reduce the havoc a ransomware attack can have on your business.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part VI: CPRA’s Impact On Service Providers, Contractors, and Third Parties Posted on: April 05, 2021 In: Data Privacy & Cybersecurity
As detailed in our ongoing series, the passage of the California Privacy Rights Act (CPRA) promises to drastically change the privacy landscape in the Golden State, and affect the privacy compliance efforts of many businesses that service customers in California.
Read more »
-
ALERT: Microsoft Exchange Vulnerabilities Used to Deploy Ransomware Posted on: March 15, 2021 In: Data Privacy & Cybersecurity
On March 11, 2021, Microsoft acknowledged that the recently disclosed Microsoft Exchange vulnerabilities were being used to facilitate ransomware attacks. The four vulnerabilities – known as vulnerabilities CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065 – have been exploited by attackers to compromise systems beyond the Exchange server.
Read more »
-
You’ve Experienced a Ransomware Attack - Now What? 5 Practical Steps to Take In Response to a Ransomware Attack Posted on: March 11, 2021 In: Data Privacy & Cybersecurity
By now, most of you know that due to the COVID-19 pandemic and the shift to remote work, data security incidents increased both in number and severity in 2020 and show no signs of slowing down in 2021. What you may not know, however, is what to do when your business experiences a ransomware attack. This post details five steps your organization should take immediately to reduce the impact of the attack.
Read more »
-
ALERT: Zero-Day Vulnerabilities Being Exploited to Attack On-Premises Microsoft Exchange Servers Posted on: March 04, 2021 In: Data Privacy & Cybersecurity
On March 2, 2021, Microsoft released a new patch to address four zero-day exploits being used to attack on-premises Microsoft Exchange Servers. The United States Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has urged vulnerable businesses to read Microsoft’s update and apply patches to their systems as necessary.
Read more »
-
Top Five Cybersecurity Suggestions for 2021 Posted on: February 12, 2021 In: Data Privacy & Cybersecurity
As hard as it is to believe, we are already more than a month into 2021 – and our Data Privacy & Cybersecurity Team is well on its way to managing over 2,000 data security incidents this year. It serves as an important reminder that a few cybersecurity suggestions can have a big impact as we embrace the months to come. The following are our top five suggestions to enhance the security of your network, detect intruders more quickly, and reduce the scope and expense of data security events this year.
Read more »
-
Office of Foreign Assets Control Guidance on Ransomware Payments Posted on: January 21, 2021 In: Data Privacy & Cybersecurity
The United States Department of Treasury’s Office of Foreign Assets Control (OFAC) is broadly tasked with administering and enforcing economic trade sanctions based on United States foreign policy and national security goals. On October 1, 2020, OFAC issued an “Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments” to companies providing services to victims of ransomware attacks.
Read more »
-
A Time for Reflection: Advisen’s 2020 Cyber Law Firm of the Year Award Posted on: July 15, 2020 In: Data Privacy & Cybersecurity
Lewis Brisbois' Data Privacy & Cybersecurity Team recently received Advisen’s 2020 “Cyber Law Firm of the Year” award for the second year in a row. We are proud of this accomplishment and grateful for Advisen’s recognition, as well as the dedication of our attorneys and industry partners. Receiving this honor provides us with more than simply a reason to celebrate. It also gives us a chance to reflect upon the work that we performed last year and to determine how best to serve our clients in the future.
Read more »
-
Business Email Compromise Attacks on the Rise in 2020 Posted on: June 18, 2020 In: COVID-19 Response
A business email compromise (BEC) is a cyber crime that utilizes access to an organization’s email to defraud that organization and its employees, customers, or partners. In 2020, COVID-19 has provided attackers with a new source for BEC exploits. Attackers are taking advantage of the need for communications surrounding COVID-19 and increased remote work connections from employee home networks to their employers’ corporate networks.
Read more »
-
Legislative Alert: D.C. Passes Security Breach Protection Amendment Act, Creating New Notice Requirements and Cybersecurity Safeguards Posted on: April 17, 2020 In: Data Privacy & Cybersecurity
On March 26, 2020, District of Columbia Mayor Muriel Bowser signed into law Act 23-268, known as the “Security Breach Protection Amendment Act of 2020.” The Act, which amends section 28 of Chapter 38 of the District of Columbia Code, broadens the existing definition of “personal information,” increases the breach notice contents requirements, provides attorney general notice requirements, and mandates cybersecurity safeguards.
Read more »