For many, responding to an incident feels chaotic — questions swirling, uncertainties piling up, and no clear direction. Even when prepared with a well-rehearsed incident response plan, a data security incident places a company’s response team in a precarious situation of juggling numerous variables at once. In the chaos of determining whether a breach has
Cybersecurity
Cybersecurity Awareness Month: A Basic Primer to Keep Your Data & Information Safe
As Cybersecurity Awareness Month comes to an end and the spooky season of Halloween is upon us, no one wants to live through a cybersecurity horror story. There are some simple precautions every business and household can participate in to help keep their data and information safe. We have outlined a few below with a…
Cybersecurity Compliance Issues with Verizon FCA Settlement Provides Helpful Suggestions on How to Reduce Liabilities or Mitigate Damages
Unfortunately, but as predicted earlier this year, the Department of Justice (DOJ) has shown no signs of pausing use of the False Claims Act (FCA) as a tool to enforce cybersecurity compliance.
On September 5, 2023, DOJ announced an FCA settlement with Verizon Business Network Services LLC based on Verizon’s failure to comply with…
Technological and Legal Defenses Against Privacy Attacks on Machine Learning Models
Machine learning (ML) models are a cornerstone of modern technology, allowing models to learn from and make predictions based on vast amounts of data. These models have become integral to various industries in an era of rapid technological innovation, driving unprecedented advancements in automation, decision-making, and predictive analysis. The reliance on large amounts of data…
The Future of Construction: AI and Predictive Maintenance Part 1
The construction sector is known for its perennial pursuit of efficiency, quality, and safety. In recent years, one of the tools the sector has started leveraging to achieve these goals is predictive maintenance (PM), specifically the implementation of artificial intelligence (AI) within this practice. This approach, combined with continuous advancements in AI, is revolutionizing the…
Tabletop Exercises as Risk Mitigation Tools
As cyber threats have evolved and expanded, cybersecurity has emerged as a threat to organizations across sectors, and there is more urgency than ever for companies to remain vigilant and prepared. Cybersecurity incidents can come with legal implications and lead to substantial financial losses, and members of the board must increasingly be involved and knowledgeable…
DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors
The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some of DoD’s challenges in implementing the CUI Program and provides recommendations on how to make the program work better. The DoD’s response to the…
How a Zero-Day Flaw in MOVEit Led to a Global Ransomware Attack
In an era where our lives are ever more intertwined with technology, the security of digital platforms is a matter of national concern. A recent large-scale cyberattack affecting several U.S. federal agencies and numerous other commercial organizations emphasizes the criticality of robust cybersecurity measures.
The Intrusion
On June 7, 2023, the Cybersecurity and Infrastructure Security…
You Have 72 Hours: NCUA Finalizes New Cybersecurity Incident Reporting Rule for Federally Insured Credit Unions
Federally insured credit unions are now required to report a cyber incident to the National Credit Union Administration (NCUA) Board within 72 hours. This final rule was unanimously approved by the NCUA on February 17, 2023 and will take effect September 1, 2023 – giving credit unions just over 6 months to update their data…
Cybersecurity Enforcement Has Increased, and 2023 Will Be Worse!
The government’s announcement of renewed emphasis on cybersecurity enforcement has spawned recent million-dollar enforcement actions. Continued government attention on cybersecurity promises a treacherous enforcement environment in 2023 and beyond.
Several recent government initiatives have focused on cybersecurity enforcement. Towards the end of 2021, the Department of Justice announced a Civil Cyber-Fraud Initiative to use the…