AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Hybrid Workforces and Compliance with Sheila Limmroth
Defense In-Depth: Cybersecurity For Energy
May 1 is World Password Day, a day for organizations to remind their employees of the importance of using strong passwords and practicing good password hygiene to protect personal and work accounts. It’s a time for...more
As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more
Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares...more
Cybersecurity is no longer a luxury; it’s a necessity. For start-ups and established businesses alike, protecting sensitive information and maintaining customer trust relies heavily on strong cybersecurity measures. With...more
In November 2023, New York State's Department of Financial Services (NYDFS) amended its cybersecurity regulation, Part 500. This legal alert provides an update for Covered Entities and Class A Businesses on the current NYDFS...more
HaveIBeenPwned is a website that allows users to check whether their data has been involved in data breaches. The website’s creator, Troy Hunt, was the subject of a phishing attack earlier this week....more
The construction industry’s reliance on digital data and devices has reshaped the construction process. When used properly, digital technology facilitates collaboration and increases productivity. However, growing dependence...more
Give Thanks - Cybersecurity and IT leaders are vital to every organization’s success. But they might also be burning out now, when you need them more than ever. 93% of security leaders say they’ve considered quitting their...more
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more
A few days ago, the U.S. Department of Health and Human Services (“HHS”), through its Office for Civil Rights, issued the proposed rule HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health...more
In today's digital landscape, robust password management is critical to information security. With the increasing complexity of cyber threats, ensuring secure access to sensitive information has become more critical than...more
Ask any chief information security officer (CISO), cyber underwriter or risk manager, or cybersecurity attorney about what controls are critical for protecting an organization’s information systems, you’ll likely find...more
In December 2021, Suffolk County, New York, experienced a significant cybersecurity breach that culminated in a ransomware attack in September 2022. The attack went undetected for months, allowing the attackers to install...more
This month is the 21st annual Cybersecurity Awareness Month, cosponsored by the Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance. This year’s theme is “Secure Our World,” continuing what...more
Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more
Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more
Most organizations and online platforms use multifactor authentication (MFA) (also called two-factor authentication) to confirm that the user is an authorized individual and not a scammer or fraudster. We have all been...more
It’s Cybersecurity Awareness Month, and this year marks the 20th anniversary of the campaign. Introducing “Secure Our World” as the central theme, the Cybersecurity Infrastructure and Security Agency (CISA) is on a...more
We have posted blogs before on sharing genetic information and the risk associated with the disclosure of such sensitive information. Unfortunately, our concerns have been realized....more
It’s been several years since I have written about password hygeine. I have been hoping that a better security solution would be widely adopted and while I hear rumors in that regard, passwords still reign supreme. So when I...more
Creating passwords needs to be a challenge, not for you to remember but for others to guess. Yet, the digital world is changing. A single sign-on password is pretty easy for unsavory characters to hack. Statistics indicate in...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing...more
In the wake of a cyber incident, regulators and law enforcement agencies closely scrutinize the cyber security measures in place at the affected organization. ...more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more