NIST Releases New “Cybersecurity Framework Profile for Ransomware Risk Management” to Battle Growing Threat of Ransomware Attacks

Share

Ransomware incidents continue to be on the rise, wreaking havoc for organizations globally. Ransomware attacks target an organization’s data or infrastructure, and, in exchange for releasing the captured data or infrastructure, the attacker demands a ransom. This creates a dilemma for organizations — the decision to pay the ransom, relying on the attacker to release the data as they say, or to reject the ransom demand and try to restore the data or operations on their own.

Continue reading “NIST Releases New “Cybersecurity Framework Profile for Ransomware Risk Management” to Battle Growing Threat of Ransomware Attacks”

Faegre Drinker on Law and Technology Podcast: The Growth and Evolution of Disruptionware

Share

Cyberattacks are an increasingly common presence in the news, and disruptionware has emerged as a popular — and particularly nefarious — type of attack. Disruptionware poses an especially troubling threat, because it attacks both an organization’s information technology and operational technology networks — often with highly destructive goals. In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss sits down with Peter Baldwin to break down disruptionware attacks, the industries that are most susceptible to them, and what we can learn from high-profile incidents.

Continue reading “Faegre Drinker on Law and Technology Podcast: The Growth and Evolution of Disruptionware”

US Broadband in 2021; Policies Promoting Infrastructure, Competition, National Security and Universal Access

Share

During his presidential campaign, President Biden committed “to build back better in rural America” by “expand[ing] broadband, or wireless broadband via 5G, to every American.” Last month, President Biden renewed his focus on “universal broadband” through the announcement of a bipartisan agreement for a large infrastructure bill that highlights broadband connectivity. Between setting the goal and realizing congressional appropriations to implement his “Build Back Better” initiative, federal (and in some situations, state) regulators have also confronted several important broadband infrastructure issues this year as they balance an understandable desire for competition and choice among broadband networks and service offerings against the practical challenges and economic realities of broadband deployment. What progress has the Biden Administration made so far?

Broadband is more important now than ever. According to a 2021 report by Parks Associates, 41% of US broadband households have been working or attending schools remotely, with the COVID-19 pandemic having driven approximately 7.2% of those households to upgrade their broadband network last year. Terabytes of data are communicated and shared every second through broadband Internet platforms – the most ubiquitous means of communication and connection.

Continue reading “US Broadband in 2021; Policies Promoting Infrastructure, Competition, National Security and Universal Access”

Significant Changes Proposed to UK GDPR

Share

The U.K. government recently launched a consultation proposing significant changes to the U.K. General Data Protection Regulation (UK GDPR). The U.K. aims to craft a bespoke “pro-growth and pro-innovation regime whilst maintaining…world-leading data protection standards.” The Consultation sets out in detail the significant reforms which the U.K. government seeks to implement – at the potential risk of losing its adequacy status for data transfers from the EU.

Continue reading “Significant Changes Proposed to UK GDPR”

Zombie PHR Breach Rule Rises From the Dead

Share

If an entity that offers a personal health record identifies a breach of information in that record, it is required to provide notice to each impacted individual and to the FTC within 60 calendar days of discovery.

Yesterday, the FTC issued a policy statement announcing a new interpretation of the FTC’s 10-year-old “Personal Health Record Breach Notification Rule.” As the FTC acknowledges, this rule has never been enforced by the FTC. The FTC’s announcement indicates its intention to begin enforcing this rule, which allows the FTC to assess penalties of $43,792 per day of violation.

Continue reading “Zombie PHR Breach Rule Rises From the Dead”