Last week, President Trump signed an executive order (EO) designed to strengthen national cybersecurity and critical infrastructure. The EO focuses on the modernization of the federal information technology (IT) network and national cybersecurity risk management. While the order does not … Continue Reading
With the commencement of the workweek, experts predict the WannaCry cyberattack will spread further through systems that rely on older or unpatched versions of Microsoft Windows. The following alert explains the WannaCry ransomware and its impact on businesses and organizations … Continue Reading
Small and medium-sized businesses are turning to software as a service (SaaS) solutions for their IT needs more and more frequently. SaaS solutions can provide end-users with quicker, cheaper access to software that they might not otherwise have at their … Continue Reading
“Cyber threats cannot be eliminated but they can be managed. Cyber experts say that it is not a question of if you will have a cyber-attack, rather it is a question of when. The next question is what you … Continue Reading
Civilian privacy officers and counsel have a rare opportunity following the publication of the January 6, 2017 report from the Office of the Director of National Intelligence, commissioned by Former President Obama, regarding Russian hacking and influence efforts in “recent … Continue Reading
On December 1, 2016, the Commission on Enhancing National Cybersecurity (Commission)—established ten months earlier by President Obama—released its Report on Securing and Growing the Digital Economy (Report). The 50-page Report includes six major imperatives with 16 recommendations and 53 associated … Continue Reading
Yesterday afternoon Yahoo Inc. (Yahoo) announced that user information was stolen from more than one billion accounts in August 2013. Yahoo said that the stolen information includes, “names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, … Continue Reading
Until relatively recently, retirement plans have not made the news as targets of data breaches. This is somewhat surprising, given the wealth of participants’ personal data stored online by these plans. This past summer, however, two plans experienced cybersecurity incidents, … Continue Reading
As the healthcare industry continues to embrace the Internet of Things, cybersecurity may present unprecedented health and privacy risks to patients. Wireless-enabled medical devices are increasingly common. For some patients, this means that their hearts are, quite literally, connected … Continue Reading
The celebratory confetti has barely settled on the campaign office floor, but in the age of patches, hacks, and cyberattacks, the nation’s attention has shifted to how President-elect Donald Trump will manage U.S. privacy and data security issues.
During the … Continue Reading
Part 1 of this two-part series outlined the mechanics and dangers of ransomware. In Part 2, this post will examine what steps to take, or not to take, during and after a ransomware attack.
“We’ve Been Hit – Now What?”… Continue Reading
The Federal Trade Commission (FTC) is conducting a three-part fall conference workshop on select technology issues. The first conference was held on September 7th about ransomware. The second conference was held on October 13th about Drones and … Continue Reading
This morning the FCC voted along party lines to adopt rules subjecting broadband internet service providers (ISPs) to new consumer privacy regulations. According to the FCC’s press release, the rules give “customers the tools they need to make informed decisions … Continue Reading
On Tuesday, October 4, 2016, the Department of Defense (DoD) issued a long-awaited final rule implementing statutory requirements (10 U.S.C. §§ 391, 393) as part of 32 C.F.R part 236 regarding the reporting, by defense contractors, of certain cyber incidents … Continue Reading
Businesses and financial entities continue to grapple with the increasing frequency and sophistication of hacking, displayed by the recent botnet attack that affected numerous websites on October 21, 2016, as well as the recent SWIFT hack which was used … Continue Reading
Beginning early on October 21, 2016, Dyn, a New Hampshire based internet service company, was the victim of three distributed denial of service (DDoS) attacks. The first attack began at 7am ET and was resolved within about two hours. A … Continue Reading
On October 18, 2016, the Federal Financial Institutions Examination Council (FFIEC) issued answers to frequently asked questions (FAQs) to clarify points in FFEIC’s Cybersecurity Assessment Tool (Assessment). FFIEC released the Assessment in June 2015 to help financial institutions identify their … Continue Reading
“The goal is to turn data into information, and information into insight.” – Carly Fiorina, former CEO, Hewlett-Packard Co.
The most valuable asset of every organization is information. Organizing, analyzing and optimizing this complex source of business intelligence … Continue Reading
On October 6, 2013, the Federal Financial Institutions Examination Council (FFIEC) announced that it will host two webinars with the goal of increasing cybersecurity preparedness by its member financial institutions. FFIEC’s webinars are in recognition and observance of National Cybersecurity … Continue Reading
Quick to blame a state-sponsored organization, Yahoo announced at least 500 million of their account holders had their information stolen – in 2014.
On September 13, 2016, the New York Department of Financial Services (DFS) proposed new first-in-the-nation cybersecurity regulations (Regulations) that would require banks and other financial institutions to adopt minimum cybersecurity standards. In some ways the regulations are consistent with existing … Continue Reading
Many an unhappy modern tale arises when a cyber predator suggests to his victim that they transition their dealings from the virtual world to a meeting “IRL” – “in real life.” But the perils that arise when the internet meets … Continue Reading
On June 7, 2016, the Federal Financial Institutions Examination Council (FFIEC) reminded banks of the cyber risks associated with interbank messaging and wholesale payment networks. FFIEC made its announcement after hackers allegedly used the Society for Worldwide Interbank Financial Telecommunication … Continue Reading
Somewhere in a lavish Mediterranean villa a drug lord wearing an off-white suit had a heart attack. Elsewhere a tech whiz in Silicon Valley refreshed his browser multiple times as his heart sank further with each reloaded page. And a … Continue Reading