DHS and Cyber: What Should Companies Expect?
While the balance of security, privacy, and public safety has always been a concern, recent cyberattacks have highlighted conflicting guidance by United States government officials, creating potential pitfalls for businesses....more
Cybersecurity and national security collided in significant ways in 2024, with governments and private-sector entities grappling with the legal, technical, and policy challenges of a rapidly evolving cyber landscape....more
According to statements by the Cybersecurity and Infrastructure Security Agency (CISA), the People’s Republic of China-backed (PRC) hacking group Salt Typhoon, which attacked telecommunications providers last month, is still...more
Ransomware attacks are hitting record highs in 2024 and show no sign of slowing down as new criminal groups enter the scene and employ a variety of evolving tactics. This post identifies key highlights of ransomware activity...more
As cybersecurity threats continue to evolve, the sports industry faces unique challenges in safeguarding its data, athletes, and events. During a recent panel discussion at the Aspen Cyber Summit, Reynold Hoover, CEO of the...more
A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration...more
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
The national impact of ransomware is expanding. Following a dip in the recorded number of ransomware attacks for 2022, there have been multiple nationwide events with devastating effect in 2023. Given the damage across...more
Takeaway: CISA and CGYBER recommend all organizations who did not immediately apply available patches to assume Log4Shell compromise and initiate threat hunting activities. In December 2021, the world was held hostage by...more
The FBI and CISA recently issued a Cybersecurity Alert entitled “#StopRansomware: Zeppelin Ransomware” providing an alert to organizations about the proliferation of Zeppelin ransomware attacks and information on the...more
In previous posts on the Porter Hedges Anti-Corruption & Compliance Blog, our team has discussed the U.S. Securities and Exchange Commission’s (“SEC”) proposal to amend its rules and require disclosures related to...more
On March 24, 2022, the Department of Justice unsealed two indictments charging four Russian government employees in two hacking campaigns that targeted critical infrastructure in the energy sector. We cover these indictments...more
It’s the call you hope you never get. Your company has been hit with a ransomware attack. Your systems are offline. Your customer data was stolen by an unknown threat actor who is threatening to leak it. You have lots of...more
What You Need to Know- •The Strengthening American Cybersecurity Act will impose cyber incident and ransomware attack response protocol for a broad spectrum of businesses operating in numerous core industry sectors of the...more
Cybersecurity has emerged as a tangible risk for transportation service providers over the course of the last year. Ransomware attacks on domestic industry and critical infrastructure, and tensions associated with the Russian...more
On Feb. 24, 2022, Russia launched a large-scale military incursion into Ukraine. By all accounts, the Russian offensive attacked on multiple fronts, including against Ukraine’s network computers and communication systems. The...more
The success of ransomware attacks in 2021 has only emboldened cyber threat actors around the globe to continue these nefarious attacks on innocent victims. Ransomware attacks are only going to be growing in 2022. This...more
Report on Patient Privacy 22, no. 2 (February, 2022) - Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations,...more
Privacy In Focus®- In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more
Federal agencies are warning businesses and consumers of heightened ransomware risks. On November 1, 2021, the FBI issued a Private Industry Notification, warning businesses that ransomware actors are using significant...more
What: On November 16, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released Federal Government Cybersecurity Incident and Vulnerability Playbooks as part of the Biden Administration’s efforts to improve...more