Recognizing that cyberattacks have already commenced and could spread beyond the Russian-Ukrainian battlefield, organizations can take several steps to protect themselves. They can recognize the risk. Then organizations can assess likely cyber threats and vulnerabilities, build resilience and take preventive actions, to avoid becoming another casualty in a conflict that already has too many.
Tag: cyberattack
Feds Hope to Tighten Timeline for Agency Reporting of Cyberattacks as Congress Debates Federal Data Breach Notification Law
On December 6, 2021, in the Memorandum for the Heads of Executive Departments and Agencies, the Office of Management and Budget took a more aggressive position on strengthening the nation’s cybersecurity posture. Under this memorandum, federal agencies are now mandated to report “major” cyberattacks within one hour of discovery to the Cybersecurity and Infrastructure Security Agency (CISA) and to the Office of Management and Budget (OMB). It also directed that affected agencies update reports within one hour of determining that an already-reported incident is determined to be “major.”
Faegre Drinker on Law and Technology Podcast: A Primer on Cryptocurrency
When it comes to cryptocurrency, questions abound: What can you purchase with crypto? How can you buy it? Is crypto a passing fad or an innovation that will stand the test of time? In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss sits down with Faegre Drinker’s Jeffrey Blumberg and former Orange County District Attorney Rahul Gupta, a cybercrime prosecutor with experience in cryptocurrency criminal litigation, to talk all things cryptocurrency.
Continue reading “Faegre Drinker on Law and Technology Podcast: A Primer on Cryptocurrency”
Faegre Drinker on Law and Technology Podcast: The Growth and Evolution of Disruptionware
Cyberattacks are an increasingly common presence in the news, and disruptionware has emerged as a popular — and particularly nefarious — type of attack. Disruptionware poses an especially troubling threat, because it attacks both an organization’s information technology and operational technology networks — often with highly destructive goals. In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss sits down with Peter Baldwin to break down disruptionware attacks, the industries that are most susceptible to them, and what we can learn from high-profile incidents.
Fall Cybersecurity Enforcement Update: State and Federal Regulators Increase Scrutiny on Victims of Cyberattacks
We have written here previously about the dramatic increase in cyberattacks on companies of all types since the start of the COVID-19 pandemic. Indeed, by some estimates, ransomware attacks have increased over 90% during the first half of 2021 compared to the same period last year. As these and other types of cyberattacks have increased, various federal and state regulators have correspondingly stepped up efforts to investigate and bring enforcement actions – which often include large fines – against companies that are perceived to have been negligent in their cybersecurity efforts. Two of the most active agencies in cybersecurity enforcement have been the New York Department of Financial Services (NYDFS) and the United States Securities & Exchange Commission (SEC), both of which have made important announcements regarding cybersecurity compliance in the past few months.
Continue reading “Fall Cybersecurity Enforcement Update: State and Federal Regulators Increase Scrutiny on Victims of Cyberattacks”
Senators Introduce Bipartisan Legislation To Require Federal Contractors and Operators of Critical Infrastructure to Disclose Cyber Intrusions
A bipartisan group of 14 United States senators recently introduced proposed legislation that would require federal contractors and operators of critical infrastructure to disclose any cyber intrusion within 24 hours. A copy of the proposed legislation can be found here.
Currently, there is no federally mandated reporting requirement for cyberattacks on American infrastructure targets. The newly proposed legislation is designed to prevent these attacks from going unreported and uninvestigated.