The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the...more
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
5/31/2024
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Information Governance ,
Information Reports ,
Malware ,
Ransomware ,
Third-Party Risk ,
Third-Party Service Provider ,
Vendors
The New York State Department of Financial Services (NYDFS) adopted comprehensive amendments to its cybersecurity regulation on Nov. 1, 2023. The amended regulation, including the notification provisions of §500.17, goes into...more
We’re back with a deeper dive into the 2023 Data Security and Incident Response Report, which features insights and metrics from 1,160+ incidents in 2022.
This episode dives deeper into the data, including ransomware and...more
Every year, BakerHostetler collects and analyzes various metrics about the incident response matters we handle. In 2022, we handled over 1,160 incidents. The most striking trends we saw across those incidents were an overall...more
5/24/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Fraud ,
Fraudulent Transfers ,
Healthcare Facilities ,
Hospitality Industry ,
Incident Response Plans ,
Multi-Factor Authentication ,
Phishing Scams ,
Ransomware ,
Restaurant Industry ,
Retailers ,
Risk Management
On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification...more
8/9/2022
/ Business Continuity Plans ,
Comment Period ,
Covered Entities ,
Cybersecurity ,
Disaster Preparedness ,
Extortion ,
Financial Institutions ,
Financial Services Industry ,
Incident Response Plans ,
Notice Requirements ,
NYDFS ,
Popular ,
Proposed Amendments ,
Ransomware ,
Reporting Requirements ,
Technology ,
Training Requirements
The Data Security Incident Response Report features insights and metrics from 1,270+ incidents that members of the firm’s DADM Practice Group helped clients manage in 2021....more
We recently wrote about North Carolina’s new law prohibiting state agencies - including public schools and universities - from paying a ransom or even communicating with a threat actor following a ransomware incident. On June...more
There is no question that ransomware is here to stay. Thirty-seven percent of the matters we handled last year involved ransomware, compared to 27 percent of matters in 2020. ...more
On April 5th, North Carolina became the first state to prohibit state agencies and local governments from paying ransoms after becoming victims of a ransomware attack. Indeed, in addition to prohibiting said entities from...more
Our 2021 Data Security Incident Response Report (DSIR) described ransomware as a scourge. There are stories every day about new threat actor groups and their victims. There are task forces, law enforcement initiatives,...more