ransomware attack

FBI/CISA Alert: Increased Likelihood of Ransomware Attacks Over Labor Day Weekend

By Joseph J. Lazzarotti, Jason C. Gavejian & Maya Atrakchi on September 3, 2021

Posted in Data Security, Incident Response Planning, Information Risk

Watch out! A spike in ransomware attacks may be headed our way over Labor Day weekend. Yesterday, the FBI jointly with the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to be on high alert for ransomware attacks this weekend, after recent targeted attacks over Mother’s Day, Memorial Day and Fourth of July weekends.…

NIST Preliminary Draft Cybersecurity Framework Profile for Ransomware Risk Management Provides Risk Management Strategies

By Michael R. Bertoncini on July 2, 2021

Posted in Data Security, Information Risk, Written Information Security Program

The National Institute of Standards and Technology (NIST) recently released a preliminary draft of its Cybersecurity Framework Profile for Ransomware Risk Management. The public comment period for this draft runs through July 9, 2021. NIST says “The profile can be used as a guide to managing the risk of ransomware events. That includes helping…

Federal Agencies Issue Joint Alert on Imminent Cybercrime Threat to Healthcare Providers

By Joseph J. Lazzarotti, Jason C. Gavejian & Michael R. Bertoncini on October 29, 2020

Posted in Consumer Privacy, Data Security, Health Information Technology

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have issued a joint cybersecurity advisory stating they have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.

The advisory describes the tactics, techniques, and procedures…

Upward Trend in Cyberattacks Targeting Senior Executives

By Joshua D. Allen on June 26, 2019

Posted in Data Security, Information Risk, Workplace Privacy, Written Information Security Program

Verizon recently published its 2019 Data Breach Investigations Report. This report is the 12th edition and contains an analysis of 41,686 security incidents with 2,013 confirmed breaches from 73 sources, including public and private entities. Included among its many findings, the report found high-level executives are twelve times more likely to be the target…

North Carolina’s Much Anticipated Data Breach Notification Law Amendment Moves to General Assembly

By Joseph J. Lazzarotti & Maya Atrakchi on April 25, 2019

Posted in Consumer Privacy, Data Breach Notification, Data Security

The much-anticipated amendment to North Carolina’s data breach notification law that we reported on earlier this year (see here) has finally been introduced to the state’s General Assembly. The bill entitled, an Act Amending the Identity Theft Protection Act, House Bill DRH40393-LR10C, is primarily sponsored by State Representatives Jason Saine (R), Brenden H.…

Damaging Data Breaches Don’t Just Involve SSNs or Medical Information

By Joseph J. Lazzarotti & Maya Atrakchi on April 3, 2019

Posted in Uncategorized

A few weeks back a company’s watch list containing nearly 2.5 million individuals and entities considered “high-risk” for its clients was mistakenly leaked to the public. A “high-risk” entity in this circumstance was one potentially linked to organized crime or terrorism. The leak resulted from an unsecured and incorrectly configured company database.

Typically in the…

Workplace Privacy, Data Management & Security Report