FTC Warns Companies to Fix Vulnerabilities Associated with Log4j

Share

The Federal Trade Commission (FTC) recently warned private entities to remediate any ongoing Log4j vulnerabilities present within their networks or face possible enforcement action.

Log4j is used to record activities in a wide range of systems, sites, and software found in online products and services. Recently, a serious vulnerability in this popular software was discovered. This vulnerability poses a severe risk to millions of users. Most importantly, the Log4j vulnerability is being widely exploited by a growing set of attackers.

Continue reading “FTC Warns Companies to Fix Vulnerabilities Associated with Log4j”

The Weakest Link? FCC Seeks Information on Security Vulnerabilities in Internet Routers

Share

Over the last several years, the Federal Communications Commission (FCC) has been taking a more active role both in anticipating the need for ever greater communications network security measures necessary to counter threats as well as potentially forging a new role in protecting the integrity of data that flows through the Internet. The latest evidence of this security consciousness is a recent Notice of Inquiry (“Notice”) adopted by the FCC seeking information to better understand the scope of Border Gateway Protocol (BGP) routing system security vulnerabilities, and the means to address them.

Continue reading “The Weakest Link? FCC Seeks Information on Security Vulnerabilities in Internet Routers”

Faegre Drinker on Law and Technology Podcast: A Deeper Dive Into Cybersecurity Frameworks

Share

Last year, we provided a brief primer on prominent cybersecurity frameworks. In this episode of the Faegre Drinker on Law and Technology Podcast, Jason G. Weiss chats with guests Jim Watkins, former deputy laboratory director in the FBI’s Orange County Crime Lab and current certified technical assessor for the ANSI National Accreditation Board, and Nate Shiflett, the director of posture and compliance for Sylint, an internationally recognized cybersecurity and forensics firm, to take a deeper look into the leading cybersecurity frameworks.

Continue reading “Faegre Drinker on Law and Technology Podcast: A Deeper Dive Into Cybersecurity Frameworks”

Capping Cyber Casualties: Steps to Avoid Cyberattacks Flowing From Hostilities in Ukraine

Share

Recognizing that cyberattacks have already commenced and could spread beyond the Russian-Ukrainian battlefield, organizations can take several steps to protect themselves. They can recognize the risk. Then organizations can assess likely cyber threats and vulnerabilities, build resilience and take preventive actions, to avoid becoming another casualty in a conflict that already has too many.

Continue reading “Capping Cyber Casualties: Steps to Avoid Cyberattacks Flowing From Hostilities in Ukraine”

Ransomware Attacks in 2022 – Things are NOT Getting Better: A Call to Arms

Share

The success of ransomware attacks in 2021 has only emboldened cyber threat actors around the globe to continue these nefarious attacks on innocent victims. Ransomware attacks are only going to be growing in 2022. This conclusion comes from a recent international partner advisory (Advisory) jointly issued by The Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the NSA.

Continue reading “Ransomware Attacks in 2022 – Things are NOT Getting Better: A Call to Arms”

SEC Proposes New Cybersecurity Risk Management Rules for Registered Investment Advisers, Registered Investment Companies and Business Development Companies

Share

The Securities and Exchange Commission voted to propose cybersecurity rules that, if adopted, would require investment advisers and funds to implement written policies and procedures to address cybersecurity risk, and would create new reporting, disclosure and record keeping obligations.

Continue reading “SEC Proposes New Cybersecurity Risk Management Rules for Registered Investment Advisers, Registered Investment Companies and Business Development Companies”