We’re back with a deeper dive into the 2023 Data Security Incident Response Report, which features insights and metrics from 1,160+ incidents in 2022.
This episode dives deeper into privacy litigation.
Questions & comments:...more
On June 1, the FBI, the U.S. Department of State and the National Security Agency, together with the Republic of Korea’s (ROK) National Intelligence Service, National Police Agency and Ministry of Foreign Affairs, issued a...more
6/7/2023
/ Colleges ,
Cybersecurity ,
Data Theft ,
Foreign Policy ,
Geopolitical Risks ,
Hackers ,
Journalists ,
Korea ,
Media ,
Nonprofit Research Organizations ,
North Korea ,
Phishing Scams ,
Public Policy ,
Risk Alert ,
Risk Mitigation ,
Scientific Research ,
State-Owned Enterprises ,
Universities ,
US Department of State
On February 9, 2023, the Department of Education Office of Federal Student Aid (“FSA”) issued an electronic notice regarding the Federal Trade Commission’s Final Rule amending the Standards for Safeguarding Customer...more
We recently wrote about North Carolina’s new law prohibiting state agencies - including public schools and universities - from paying a ransom or even communicating with a threat actor following a ransomware incident. On June...more
On April 5th, North Carolina became the first state to prohibit state agencies and local governments from paying ransoms after becoming victims of a ransomware attack. Indeed, in addition to prohibiting said entities from...more
In the event of a ransomware attack, there are a host of legal frameworks that could potentially be implicated. Whether those laws apply often depends on the nature of the data that the threat actor accessed and/or acquired....more
4/19/2022
/ Cyber Attacks ,
Cybersecurity ,
DFARS ,
Educational Institutions ,
FERPA ,
FOIA ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Ransomware ,
Risk Management ,
Safeguards Rule ,
State Data Breach Notification Statutes
The best way to ensure that an educational institution can respond quickly and effectively to a ransomware attack and minimize any chaos and confusion that accompanies such incidents is to have an incident response plan in...more
The ransomware epidemic has affected and continues to affect all industries, including healthcare, manufacturing and finance. Since 2020, however, the education industry has been targeted as much as or more than any other...more
The emergence of e-sports is no longer news. According to industry reports, the global e-sports industry created over $950 million in total revenue in 2020, and experts expect that number to grow to $1.6 billion by 2023....more
In certain cases, the General Data Protection Regulation (GDPR) requires entities that experience a personal data breach to provide notice of the incident to relevant national supervisory authorities and the individuals whose...more
2/19/2021
/ Cybersecurity ,
Data Breach ,
Data Controller ,
Data Management ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Notification Requirements ,
Personal Data ,
Popular
Although it was widely reported that several ransomware threat actor groups have pledged to not target healthcare providers until the COVID-19 pandemic is over, BakerHostetler’s Digital Assets and Data Management Practice...more