DHS and Cyber: What Should Companies Expect?
This month is the 21st annual Cybersecurity Awareness Month, cosponsored by the Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance. This year’s theme is “Secure Our World,” continuing what...more
October is always a busy month for cybersecurity professionals. For the past 21 years, October has been an especially busy month for me as it is Cybersecurity Awareness Month. This means lots of employee education and...more
On September 19, 2024, U.S. Senator Angus King (D-ME); Rear Admiral (retired) Mark Montgomery, Senior Director and Senior Fellow of the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation; and...more
Ransomware attacks are hitting record highs in 2024 and show no sign of slowing down as new criminal groups enter the scene and employ a variety of evolving tactics. This post identifies key highlights of ransomware activity...more
As cybersecurity threats continue to evolve, the sports industry faces unique challenges in safeguarding its data, athletes, and events. During a recent panel discussion at the Aspen Cyber Summit, Reynold Hoover, CEO of the...more
The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning...more
A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration...more
The Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Department of Defense Cyber Crime Center (DC3) issued a joint alert on August 28, 2024, warning U.S.-based...more
On July 19, Change Healthcare Ince. filed a breach report with HHS Office for Civil Rights (OCR) concerning its mammoth ransomware attack and breach. The organization’s breach report to OCR identifies just 500 individuals as...more
On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) collaborated with the Joint Cyber Defense Collaborative (JCDC) to hold the federal government’s first tabletop exercise for “AI security...more
As discussed in our previous blog post, the Cybersecurity and Infrastructure Security Agency (CISA) is proposing a significant new rule to bolster the nation’s cyber defenses through mandatory incident reporting. While...more
Verizon released its Data Breach Investigations Report (DBIR) for 2024, an annual treat that highlights some trends companies should be aware of as they manage their cybersecurity programs and respond to and anticipate new...more
On June 2, 2024, cloud service provider Snowflake reported increased cyber threat activity targeting some of its customer’s accounts. Snowflake recommended that customers review unusual activity to detect and prevent...more
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
Welcome to our inaugural issue of The Health Record - our healthcare law insights e-newsletter! As such, we wanted to pull together our insights and pass them along to you. Our goal is to create a publication that is...more
CYBERSECURITY - CISA Issues Advisory on Black Basta Ransomware - On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that...more
On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that have targeted over 500 private industry and critical infrastructure...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
On April 30, 2024, the White House announced that President Biden signed a new critical infrastructure memorandum, titled National Security Memorandum on Critical Infrastructure Security and Resilience ("NSM-22"). This new...more
Modern warfare is no longer restricted to physical battlefields and professional military. Countries like North Korea and Russia have few qualms about using cyberspace to reach well beyond their physical borders to target...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
On April 4, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published for public comment a long-awaited proposed rule to implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Transportation services providers are increasingly facing new technology-oriented threats in day-to-day business. Recent cyberattacks and the potential for serious disruption from threat actors have drawn the attention of the...more