Category Archives: cybersecurity

Recent Studies Show Increasing Need For Employee Training in Data Security

Two recent studies show an increasing need for companies to better train their employees in data security to prevent data and monetary loss. On September 7, 2016, Wells Fargo Insurance released a study on cyber security showing some interesting trends in companies with $100 million or more in annual revenue. The second-annual study questioned 100 decision makers …

Read more »

New York Proposes First-Ever Cybersecurity Regulation for Financial Institutions

The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches.  Specifically, the rule would require insurers, banks, and other financial institutions to develop detailed, specific plans for data breaches; to appoint a chief privacy security officer; …

Read more »

Espionage and Export Controls: iPhone Hack Highlights New World of Warfare

Last week, researchers at Citizen Lab uncovered sophisticated new spyware that allowed hackers to take complete control of anyone’s iPhone, turning the phone into a pocket-spy to intercept communications, track movements and harvest personal data. The malicious software, codenamed “Pegasus,” is believed to have been developed by the NSO Group, an Israeli company (whose majority …

Read more »

Why You Need Law Firm Data Breach Response Plan

Hacking was once again prominently in the news when it was announced right before the Democratic National Convention that Democratic Party emails had been compromised. This comes after an incident earlier this year when it was announced that hackers broke into the computer networks at a number of well-known law firms, including Cravath Swaine & …

Read more »

Guidance on Ransomware Attacks under HIPAA and State Data Breach Notification Laws

On July 28, 2016, US Department of Health and Human Services (HHS) issued guidance (guidance) under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and recover from ransomware attacks. Ransomware attacks can also trigger concerns under state data breach notification laws. What Is Ransomware? …

Read more »

Panama Papers: What Attorneys Can Learn from History’s Largest Data Breach

On April 3, 2016 the public learned that millions of client documents from the Panamanian law firm and corporate services provider Mossack Fonseca & Co. (MF) had made their way to an international organization, the International Consortium of Investigative Journalists (ICIJ), and that the information would be used to publish potentially damaging stories. In addition, …

Read more »

Employee Error Accounts for Most Security Breaches

A recent study by a well-known information security company captures one of the most common information security fallacies: that information security is a technology problem. Most businesses view mitigating information security risks as falling squarely in the purview of their information technology department. However, this study reports that human error actually accounted for nearly two-thirds …

Read more »

security breaches

Fiduciary Risk in Data Privacy and Cybersecurity? You Bet!

Health plan administrators are (or certainly should be) well-versed in their obligations under the Health Insurance Portability and Accountability Act (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH). Failure to secure protected health information (PHI) from disclosure can result in civil monetary penalties of up to $1.5 million …

Read more »

Early Settlement of Home Depot Consumer Data Breach Claims – Start of Trend?

home-depot image

Last week, a federal court in Atlanta issued an order preliminarily approving a proposed settlement – valued up to $19.5 million – of the consumer claims arising from the 2014 theft of payment card data from Home Depot.  The cash and noncash terms of the proposed settlement are unexceptional.  What is unusual about this settlement is its …

Read more »

security breaches

Ransomware: How It Works and What You Can Do

“Ransomware” is making big news, with reports that a California hospital paid $17,000 to regain access to its network after malware locked access to files. This is a case, however, of the news catching up to the facts. Ransomware has been one of the fastest growing forms of cyberattack over the last year. According to …

Read more »