Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Hybrid Workforces and Compliance with Sheila Limmroth
Defense In-Depth: Cybersecurity For Energy
Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more
Most organizations and online platforms use multifactor authentication (MFA) (also called two-factor authentication) to confirm that the user is an authorized individual and not a scammer or fraudster. We have all been...more
Phishing has long been a favorite tactic for threat actors (hackers) to commence a cyberattack. The rapid expansion of more adaptable and available artificial intelligence (AI) technologies, such as natural language...more
Last month, a cyberattack forced two New York hospitals to divert and even discharge some patients to other facilities, while the affected hospitals shut down their IT systems to address the issue and restore their secure...more
On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more
It’s Cybersecurity Awareness Month, and this year marks the 20th anniversary of the campaign. Introducing “Secure Our World” as the central theme, the Cybersecurity Infrastructure and Security Agency (CISA) is on a...more
We have posted blogs before on sharing genetic information and the risk associated with the disclosure of such sensitive information. Unfortunately, our concerns have been realized....more
The New York Department of Financial Services (DFS) has been increasingly active in enforcing the rigorous cybersecurity requirements imposed on “covered entities” under 11 NYCRR Part 500 (Reg 500). DFS has published an...more
It’s been several years since I have written about password hygeine. I have been hoping that a better security solution would be widely adopted and while I hear rumors in that regard, passwords still reign supreme. So when I...more
Cybersecurity is a looming threat for most businesses. The impact of a major cyber event can resonate for weeks, months, and even years after the initial attack. To mitigate the risks to consumers, there have been several...more
Every year, BakerHostetler collects and analyzes various metrics about the incident response matters we handle. In 2022, we handled over 1,160 incidents. The most striking trends we saw across those incidents were an overall...more
Creating passwords needs to be a challenge, not for you to remember but for others to guess. Yet, the digital world is changing. A single sign-on password is pretty easy for unsavory characters to hack. Statistics indicate in...more
Takeaway: As cybersecurity risk increases, large enterprises and government agencies are, increasingly, forcing smaller vendor companies to obtain cyber insurance to help manage the risk of a data breach. To prepare for an...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
What: On February 23, 2022, the National Security Telecommunications Advisory Committee (NSTAC) approved a final draft of its forthcoming report to the President on Zero Trust and Trusted Identity Management. ...more
On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing...more
In our first article to kick off Cybersecurity Awareness Month, we will discuss some steps businesses can take to improve their cyber hygiene. Over the past few years, some of the largest and well-known companies have been...more
In the wake of a cyber incident, regulators and law enforcement agencies closely scrutinize the cyber security measures in place at the affected organization. ...more
Following Ubiquiti’s security incident and its subsequent recommendation to change your router password and enable multi-factor authentication, and the fact that it is widely reported that using default passwords on routers...more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more
Many workers and employers are adjusting to remote working as a result of the COVID-19 pandemic. That shift has created a unique opportunity for cyber-attackers and criminals – the European Union Agency for Cybersecurity has...more
As businesses institute widespread remote work policies and procedures to facilitate social distancing and “flatten the curve,” they should be mindful of increased data privacy and security risks. The risks can range from...more
I am not a big fan of putting all of one’s passwords in one place, but many people use password managers. If you use Last Pass (see previous blog posts about Last Pass here and here), be aware that it was recently advised by...more