All Blog postsWhile many organizations seek to monitor their cybersecurity posture with internal testing, such as table top exercises, simulated phishing attacks, and other proactive measures, the question always remains: is it enough to thwart a sophisticated threat actor? This simple question, with its many complexities and concerns, was a daily inquiry for me as a former FBI executive in charge of the data presentation and storage for operations.
Read more »Tag: cyber threat
-
All Hail the Red Team! The Value of Penetration Testing for a Cybersecurity Culture Posted on: May 17, 2022 In: Data Privacy & Cybersecurity
-
Can Your Coffee Maker Be Hacked? Cybersecurity Issues and the Growing Internet of Things Posted on: May 09, 2022 In: Data Privacy & CybersecurityInternet of Things (IoT) devices have flooded the lives of consumers over the past few years, with the global IoT market valued at $384.7 billion in 2021, according to a March 2022 report from Fortune Business Insights. "Smart" technology has become a standard feature on most consumer products, and with a growing number of devices being connected to the internet, it is increasingly important that the public be sufficiently educated on the risks that accompany IoT devices.
Read more »
-
OFAC September 2021 Advisory: Illusory Solutions to Soften the Enforcement Threat? Posted on: September 22, 2021 In: Data Privacy & CybersecurityOn September 21, 2021, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) released an updated advisory on potential sanctions risks for facilitating ransomware payments. The sanctions have been authorized by the International Emergency Economic Powers Act and the Trading with the Enemy Act with the purpose of disrupting funding for malicious cyber activities and limiting activities that may be adverse to U.S. national security and foreign policy objectives.
Read more »
-
What’s in President Biden’s Executive Order on Improving the Nation’s Cybersecurity? Posted on: May 27, 2021 In: Data Privacy & CybersecurityOn May 12, 2021, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity, emphasizing the current cyberattack landscape targeting the public and private sectors and the need to heighten efforts and increase resources to defend against this threat environment. The Order comes following recent high-profile cyber incidents, and echoes the NIST's Framework’s Five Functions. Parts of the Order will also directly affect federal contracts and its supply chain.
Read more »
-
You’ve Experienced a Ransomware Attack - Now What? 5 Practical Steps to Take In Response to a Ransomware Attack Posted on: March 11, 2021 In: Data Privacy & CybersecurityBy now, most of you know that due to the COVID-19 pandemic and the shift to remote work, data security incidents increased both in number and severity in 2020 and show no signs of slowing down in 2021. What you may not know, however, is what to do when your business experiences a ransomware attack. This post details five steps your organization should take immediately to reduce the impact of the attack.
Read more »
-
FBI Healthcare Alert - Imminent Threat Of Widespread Ryuk Attack Posted on: October 29, 2020 In: COVID-19 ResponseThe FBI and DHS-CISA issued a warning on October 28, 2020 about an imminent threat to hospitals and healthcare providers. They represent that they have credible information to suggest there will be a widespread Ryuk ransomware attack this weekend (October 30 - November 1), and the FBI, DHS and the NSA's Cybersecurity Threat Operations Center are currently investigating the matter. It is recommended that hospitals and healthcare providers implement the following measures as soon as possible.
Read more »
-
The Next Major Public Health Crisis Posted on: October 15, 2020 In: COVID-19 ResponseIn 2014, a business associate of a healthcare entity was notified by law enforcement that it had suffered a cyberattack to the company's information system. The hackers were able to access and exfiltrate the health information of more than 6 million people from numerous entities served by the business associate. In addition to a fine issued by OCR, a related covered entity was sued and a multimillion-dollar settlement was reached. OCR placed the covered entity under a very detailed corrective action plan.
Read more »
-
A Time for Reflection: Advisen’s 2020 Cyber Law Firm of the Year Award Posted on: July 15, 2020 In: Data Privacy & CybersecurityLewis Brisbois' Data Privacy & Cybersecurity Team recently received Advisen’s 2020 “Cyber Law Firm of the Year” award for the second year in a row. We are proud of this accomplishment and grateful for Advisen’s recognition, as well as the dedication of our attorneys and industry partners. Receiving this honor provides us with more than simply a reason to celebrate. It also gives us a chance to reflect upon the work that we performed last year and to determine how best to serve our clients in the future.
Read more »
-
Business Email Compromise Attacks on the Rise in 2020 Posted on: June 18, 2020 In: COVID-19 ResponseA business email compromise (BEC) is a cyber crime that utilizes access to an organization’s email to defraud that organization and its employees, customers, or partners. In 2020, COVID-19 has provided attackers with a new source for BEC exploits. Attackers are taking advantage of the need for communications surrounding COVID-19 and increased remote work connections from employee home networks to their employers’ corporate networks.
Read more »
-
Remaining Vigilant Against State-Sponsored Cyberattacks Posted on: April 15, 2020 In: Data Privacy & CybersecurityState-sponsored cyberattacks have increased in recent years. These attacks, which are supported and funded by foreign governments, typically reflect geopolitical dynamics, with hacking campaigns often emerging following international conflicts. Frequently, the nations responsible for cyberattacks seek to achieve specific goals through their hacking campaigns. Their objectives may include conducting economic espionage or disrupting another nation’s political or economic stability.
Read more »
-
Threat Intelligence: Maze Ransomware Variant Posted on: December 09, 2019 In: Data Privacy & CybersecurityWhile ransomware variants like GandCrab, Ryuk, and WannaCry have received a lot of attention and cost their victims significant amounts of money, these attacks are rarely accompanied by a credible threat to expose sensitive data. These threat actors are able to monetize their attacks with the extortion payments alone. However, a variant known as Maze (or ChaCha) could change that equation.
Read more »
-
Keeping the Creeps Off Your Computer: Tips to Avoid Scareware & Scare Scams Posted on: October 29, 2019 In: Data Privacy & CybersecurityHalloween is a great time to masquerade as your favorite supernatural or otherworldly character, generating harmless screams and candy. Not so harmless is the fear that scammers create by pretending to know something about you or your cyber system in order to scare you into sending them money.
Read more »
Blog Search
Featured Posts
- February 10, 2023 Historic Hermès Jury Verdict Paves Way for Digital Trademark Rights
- January 13, 2023 Sports Law: A Year in Review & What to Watch for in 2023
- January 06, 2023 Federal Trade Commission Cracks Down on Non-Compete Agreements
- December 06, 2022 Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA
Blog Tags
9th circuit
ada
america invents act
arbitration
blockchain
breach notification
california
ccpa
college
colorado
compensation
compliance
congress
consumer data
consumer notification
copyright
coronavirus
covid-19
cpra
cybersecurity
cyber threat
data breach
data privacy
data security
disability
discrimination
dol
dress code
eeoc
employee handbook
employers
employment agreements
employment law
equal pay
european union
executive order
family leave
fbi
fcra
federal circuit
fincen
flsa
fmla
gdpr
hacking
healthcare
hipaa
hiring
human resources
identity theft
illinois
incident response
independent contractors
infringement
inter partes review
irs
labor law
legislative alert
litigation
malware
marijuana
medical leave
minimum wage
multi-factor identification
ncaa
new jersey
new york
nil
nlrb
non-competition
osha
overtime
paga
paid leave
patent law
patents
payroll
personal data
personal information
phishing
privacy law
privacy protection patchwork
ptab
ransomware
reasonable accommodation
sexual harassment
sports
sports law
statute
student-athletes
supreme court
title ix
title vii
trademark
trade secrets
utah
virginia
wage and hour
washington
workplace safety