AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Hybrid Workforces and Compliance with Sheila Limmroth
Defense In-Depth: Cybersecurity For Energy
On November 1, NYDFS’ expanded requirements for multi-factor authentication (MFA) and IT asset management went into effect, as part of the NYDFS’ Second Amendment to the Cybersecurity Regulation (Part 500). Details regarding...more
Artificial intelligence (“AI”) continues to transform society in ways beyond imagination. It is rapidly becoming clear that AI pervades every aspect of society, and criminal activity has been no exception. AI is now...more
OAuth tokens streamline access but create new vulnerabilities that threat actors are exploiting. Learn how to secure token infrastructure through robust monitoring, governance, and vendor management....more
October is National Cybersecurity Awareness Month, which is celebrating its 21st year. Spearheaded, organized and led by the Cybersecurity and Infrastructure Security Agency and the National Cybersecurity Alliance, the...more
On October 14, 2025, New York’s Department of Financial Services (DFS) fined eight auto insurance companies for violating its cybersecurity regulations (known as “Part 500”). The fines come as recent amendments to Part 500...more
Nearly a year after PowerSchool’s December 2024 data breach, the cloud-based software provider is facing a lawsuit initiated by Texas Attorney General Ken Paxton. PowerSchool is a leading global provider of technology...more
Cybersecurity Awareness Month was established to provide resources to organizations and their employees to help them stay safer and more secure online. It is an opportunity to focus on four key behaviors: creating strong...more
On November 1, 2025, additional cybersecurity requirements introduced by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) will...more
A recent campaign by the CL0P ransomware group has targeted on-premises, customer-managed Oracle E-Business Suite (EBS) systems, resulting in the potential for widespread data exfiltration and extortion attempts. The...more
Deepfakes, social engineering, and urgent texts or calls from your IT department all continue to be effective methods hackers use to gain access to your most important accounts and assets. October is Cybersecurity Awareness...more
Passwords are the key to your digital kingdom. Passwords, also known as “credentials,” provide the user with access to all information and data that the user has been authorized to access, whether in a personal or...more
Why It Matters Reputation at Risk: - Customers lose trust quickly after a breach. - Legal & Financial Consequences: Fines, lawsuits, and regulatory penalties add up fast. - Operational Disruption: Downtime and...more
As cyber threats continue to evolve and increase, insurers are responding by imposing stricter requirements on policyholders to obtain and maintain coverage. This shifts how businesses should implement, manage, and oversee IT...more
This month is the 22nd annual Cybersecurity Awareness Month, cosponsored by the Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance. CISA’s theme this year is “Building a Cyber Strong...more
Eight years in the making, the final phase of New York’s groundbreaking Cybersecurity Regulation Part 500 amendments take effect Nov. 1 and businesses involved in the financial services sector must be prepared to comply with...more
Hinshaw partner Cathy Mulrow-Peattie recently participated in a panel discussion during the Q3 2025 FinCyber Femmes Meeting, hosted at IBM’s office in New York City. The FinCyber Femmes bring together leading professionals in...more
On March 1, 2017, New York’s Department of Financial Services (DFS) enacted a regulation establishing what was then one of the most stringent cybersecurity measures in the country. The goal was to enhance cybersecurity...more
ComplexDiscovery Editor’s Note: The Salesloft Drift breach, which affected over 700 organizations between August 8–18, 2025, marks a defining moment in the evolution of SaaS-related supply chain attacks. With attackers...more
The New York State Department of Financial Services (NYDFS) announced on August 14, 2025, resolution of civil enforcement action requiring Healthplex, Inc., a licensed insurance agent and independent adjuster, to pay a $2...more
On Aug. 14, 2025, the New York Department of Financial Services (NYDFS) issued a Consent Decree announcing that Healthplex, Inc. (Healthplex) has agreed to pay a $2 million fine, as a result of an investigation into a 2021...more
Ransomware group Akira is believed to be behind a large number of attacks that appear to be tied to SonicWall firewalls with SSLVPN enabled. Over the past week, a large number of attacks by the ransomware group Akira have...more
Recently, we had interesting questions from a client that was implementing two-factor authentication for employees to access the company’s information systems. The process requires employees to install the authentication app...more
On July 30, 2025, the White House released a 166-page report titled “Strengthening American Leadership in Digital Financial Technology” (the “Report”).[1] Authored by a working group of cabinet members and federal agency...more
Leading businesses continue to suffer cyber attacks at the hands of sophisticated ransomware groups. For example, the threat group “Scattered Spider” (also known as UNC3944, Octo Tempest, 0ktapus) is once again making...more
On June 27, 2025, the Federal Bureau of Investigation (FBI) issued a warning on X to the airline and transportation sectors that the notorious cyber criminal ring Scattered Spider is attacking those sectors....more