The fallout from the SolarWinds hacking incident linked to Russian threat actors has not only wreaked havoc on governmental agencies and private companies whose data are at risk following the incident, but this week, Bitsight and Kovrr released an analysis outlining the effect of the event on insurance losses that estimates the incident could cost

The U.S. Attorney’s Office for the District of Massachusetts is warning small businesses that received loans through the Paycheck Protection Program (PPP) of a dramatic increase in reports of business email-compromise schemes related to the program. Scammers are using information about PPP recipients posted by the Small Business Administration (SBA) to impersonate PPP lenders requesting

The Federal Trade Commission (FTC) is warning small businesses that they are being targeted by scammers through a new coronavirus-related scam. The scam “starts with an email that claims to come from the ‘Small Business Administration Office of Disaster Assistance.’ It says you’re eligible for a loan of up to $250,000 and asks for personal

Development and Operations (DevOps) teams are often pressured by executives and sales teams to get software products completed and out the door and into the market as quickly as possible so the products can generate income. Often, security is not the highest priority for DevOps, as adding security features may affect the performance of the

2020 will go down as one of the most stressful in my career as a cybersecurity professional. I have been working in this area of law full time since 2003. So that says a lot.

On top of the stress of the spread of the coronavirus, this has been a particularly stressful year assisting clients

Among many other things, 2020 has been the year of vendor security incidents and data breaches. More than ever, we have responded to incidents for clients that were caused not by the client, but by a third-party vendor.

When a vendor causes a security incident, it will commonly report the incident to you and then

To file in the “no one is immune from a sophisticated attack,” category, well-known and respected security firm FireEye publicly announced this week that it has experienced an attack by a state-sponsored (which means a foreign government) hacking group, which successfully obtained its “red team tools.” This is very concerning, as the red team tools

Three recent events are prompting me to update our previous blog post on the difficult decision of whether to pay or not to pay ransomware following an attack [view related post].

The first event is the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory on October 1, 2020,

The threat-related statistics of malware and ransomware are mind-boggling. We have regularly reported on the dramatic increase of ransomware, but the statistics on successful exploitation and botnet activities are just as bad.

According to Nuspire’s Q3 Threat Landscape Report (www.nuspire.com), based upon its experience over the last three months, there was an increase

According to Cybersecurity Ventures, cybercrime is the fastest growing crime in the U.S., with damages expected to reach $6 trillion globally by 2021. Therefore, it is axiomatic that C-Suites continue to address the risk associated with cybercrime and how cybercrime will affect the business.

Ransomware continues to be one of the biggest risks to company