Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Hybrid Workforces and Compliance with Sheila Limmroth
Defense In-Depth: Cybersecurity For Energy
Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more
Today is World Password Day, a day for organizations to remind their employees of the importance of using strong passwords and practicing good password hygiene to protect personal and work accounts. Given the large number of...more
If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more
A group of scammers recently used deepfake technology – now readily available to just about anyone – to trick a finance employee into paying them over $25 million of corporate funds. This might be one of the world’s biggest...more
Most organizations and online platforms use multifactor authentication (MFA) (also called two-factor authentication) to confirm that the user is an authorized individual and not a scammer or fraudster. We have all been...more
It’s Cybersecurity Awareness Month, and this year marks the 20th anniversary of the campaign. Introducing “Secure Our World” as the central theme, the Cybersecurity Infrastructure and Security Agency (CISA) is on a...more
This article is the second in a series of articles about Cybersecurity Awareness Month. Throughout October, K2 Integrity will be providing tips and solutions to organizations to commemorate the 20-year anniversary of the...more
It’s important to stay secure throughout the year, and in October, cybersecurity takes on even more significance: since 2004, it has been designated as Cybersecurity Awareness Month. In the 20 years since its inception,...more
It’s been several years since I have written about password hygeine. I have been hoping that a better security solution would be widely adopted and while I hear rumors in that regard, passwords still reign supreme. So when I...more
Data security will undoubtedly remain an enforcement priority for the Federal Trade Commission in 2023. A presentation on the FTC’s approach to data security by Deputy Chief Technologist Alex Gaynor at a Commission open...more
The Federal Trade Commission will have its eye on privacy and data security enforcement in 2023. In August, the agency announced that it is exploring ways to crack down on lax data security practices. In the announcement,...more
Creating passwords needs to be a challenge, not for you to remember but for others to guess. Yet, the digital world is changing. A single sign-on password is pretty easy for unsavory characters to hack. Statistics indicate in...more
In the late summer, the Consumer Financial Protection Bureau (CFPB) issued a circular that concluded in no uncertain terms that insufficient data protection or information security could be considered an unfair practice under...more
Multi-factor authentication (MFA) is more than an annoying popup or text message when logging onto a company’s website or platform. Not only is using MFA a sound security practice and good business, it is frequently becoming...more
A recent Privacy Peril advised of the increasing cyber risk from nation state attacks, particularly as a result of the war in Ukraine. There is, of course, little we can do to thwart cyber assaults on vital nerve centers....more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
Glenn Hartfiel, Principal, and Geoff Yut, Consultant, at Opportune LLP discuss why recent geopolitical events are heightening the need for the implementation of improved cybersecurity measures in the energy industry, why...more
Selected Developments in U.S. Law - SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund...more
Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more
In the wake of a cyber incident, regulators and law enforcement agencies closely scrutinize the cyber security measures in place at the affected organization. ...more
As the COVID era drags on, it is clear that work life “post-COVID” may be very different from life “pre-COVID.” This is especially true as it relates to IT security. More and more employees have shifted to a telecommuting...more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more
I am not a big fan of putting all of one’s passwords in one place, but many people use password managers. If you use Last Pass (see previous blog posts about Last Pass here and here), be aware that it was recently advised by...more
While many companies and service providers are spending significant time and budget on the privacy-related requirements of the forthcoming California Consumer Privacy Act (CCPA), the largest exposure for companies not selling...more