The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
Digital Planning Podcast - Interview With Leeza Garber
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Safeguards against Data Security Breaches (Part One)
On December 27, 2024, the Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) related to the Security Rule under the Health Insurance Portability and Accountability Act (HIPAA). ...more
If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more
2023 was the most devastating year yet for ransomware attacks, with businesses forking over $1 billion in ransom payments for the first time ever – and 2024 is expected to be even worse. Beyond the payments, the average cost...more
Ransomware attacks are on the rise. Cyber criminals continue to exploit lax security measures, which have become more acute in the work-from-home environment, and hack into companies’ systems, encrypt their data, and then...more
In our first article to kick off Cybersecurity Awareness Month, we will discuss some steps businesses can take to improve their cyber hygiene. Over the past few years, some of the largest and well-known companies have been...more
The Colonial Pipeline ransomware attack was the largest in the energy sector to date, and with cybercrimes up 100% from 2019 to 2020 this is only the beginning for 2021. Many organizations are taking on a digital...more
The Digital Planning Podcast is designed to educate individuals about all things digital in connection with estate planning, business planning, and estate administration. Your hosts, attorneys Jennifer Zegel, Ross Bruch, and...more
October is National Cybersecurity Awareness Month (NCAM). NCAM serves as a timely reminder to continue to assess and improve organizational cybersecurity. In honor of NCAM, here are five fundamental steps that every...more
James Grago has a nice business going. He runs a website called ClixSense.com that permits users to earn money by completing surveys and watching advertisements. Revenues grew from $6.7 million in 2015 to $9.1 million in...more
In a set of recent settlements, the Federal Trade Commission (the FTC or Commission) resolved charges against two companies, ClixSense and D-Link, for failing to provide reasonable security and to live up to their data...more
California’s San Diego Unified School District recently disclosed that it had sustained a data breach when multiple phishing emails from malicious hackers were used to gather login information of staff members throughout the...more
In late 2018 the U.S. District Court of New Jersey indicted two Iranian men for allegedly running a hacking scheme that hit local and state governments as well as transportation agencies and hospitals across the U.S. The...more
We are living in a rapidly changing world (trite, I know) where companies have to focus on data privacy and security for a variety of reasons. Consumers and constituents are concerned about the safety and privacy of personal...more
Start-up companies know that, when potential investors kick the tires, they will look carefully at the company’s business model and IP portfolio. These days, investors are also likely to look at whether the company is in...more
The Ponemon Institute has released a recent report concluding, among other things, that the cost to a company suffering a data breach in the U.S. has risen eight percent year-on-year from 2017. The total cost of the average...more
Partner Colin Zick was recently invited to speak to the Union College Computer Science Department’s Seminar Series. His presentation addressed the difficulties in implementing encryption in the workplace, the challenges to...more
All lawyers face technology threats, ranging from the inconvenient to practice-threatening disasters. From unauthorized access, lawyers risk having confidential information stolen, destroyed or made inaccessible. Hackers...more
With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more
The Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) has published an online list of data breach notifications issued each year to Massachusetts residents since 2007, the inception of the...more
I have been doing a lot of live employee training lately. I really enjoy it, and have been told that it is some of the most entertaining training around. The reason why I can get the audience to laugh is because I tell real...more
On July 11, 2016, the HHS Office of Civil Rights (OCR) released guidance on HIPAA covered entities’ responsibilities in a ransomware attack, a type of cyber-attack that has targeted the health care sector extensively in...more
Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more
Tennessee recently amended its data breach notification law, and in doing so, it has joined the ranks of states like Florida, Ohio, and Wisconsin that require notification to residents of a data breach within a defined time...more
This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more
Three bills that will update California’s data breach notification requirements have been signed into law by Governor Jerry Brown. The bills impose specific requirements on providing breach notification to consumers, add a...more