To file in the “no one is immune from a sophisticated attack,” category, well-known and respected security firm FireEye publicly announced this week that it has experienced an attack by a state-sponsored (which means a foreign government) hacking group, which successfully obtained its “red team tools.” This is very concerning, as the red team tools

Three recent events are prompting me to update our previous blog post on the difficult decision of whether to pay or not to pay ransomware following an attack [view related post].

The first event is the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory on October 1, 2020,

The threat-related statistics of malware and ransomware are mind-boggling. We have regularly reported on the dramatic increase of ransomware, but the statistics on successful exploitation and botnet activities are just as bad.

According to Nuspire’s Q3 Threat Landscape Report (www.nuspire.com), based upon its experience over the last three months, there was an increase

According to Cybersecurity Ventures, cybercrime is the fastest growing crime in the U.S., with damages expected to reach $6 trillion globally by 2021. Therefore, it is axiomatic that C-Suites continue to address the risk associated with cybercrime and how cybercrime will affect the business.

Ransomware continues to be one of the biggest risks to company

Although the Presidential race is unconfirmed at the time of this writing, there are several data privacy and security laws to put on your radar following the election this week.

Here is a brief list of laws that passed that we are aware of so far. We will provide more information as news breaks, but

It is no longer a matter of if, but when companies that suffer a data breach will be sued in a class action lawsuit following a data breach. Many of those data breach cases get dismissed, as it is difficult for consumers to show they have suffered a compensable harm from a particular data breach.

Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently issued, and it contained some conclusions that made sense, while others were surprising.

The Report, entitled Pandemic-Driven Change: The Effect

On October 8, 2020, New Jersey Attorney General Gurbir Grewal (AG) announced that his office has entered into a multi-state settlement agreement with Community Health Systems, Inc. (CHS) stemming from an investigation of a 2014 data breach that exposed personal information of approximately 6.1 million patients, including 45,000 New Jersey residents. This is after CHS

Morgan Stanley has settled claims by the Office of the Comptroller of the Currency (OCC) that it failed to properly decommission data centers that housed client data of its wealth-management operations two times—once in 2016 and once in 2019 for $60 million.

According to the OCC, Morgan Stanley “failed to effectively assess or address risks