Search Results for: ransomware

National Cyber Security Centre Forecasts Upcoming Cyber Threats with AI Use for Attacks

January 26, 2024 By Kim Peretti and Alysa Austin

On January 24, 2024, the U.K.’s National Cyber Security Centre (NCSC) released a new report, The near-term impact of AI on the cyber threat, detailing how Artificial Intelligence (AI) will impact the effectiveness of cyber operations for 2025 and beyond. According to the report, threat actors are already using AI in cyber attacks and the […]

NYDFS Releases Industry Letter on the Use of Self-Service Password Reset Feature

January 23, 2024 By Kim Peretti, Kate Hanniford, Lance Taubin, Ashley Miller and Colton Jackson

On January 12, 2024, the New York State Department of Financial Services (“NYDFS”) released a new Industry Letter on the use of self-service password reset (“SSPR”) services, which enable users to reset their own password without the assistance of help desk or IT professionals. The Industry Letter discusses the risks associated with the use of […]

NY AG’s Office Announces Significant Cybersecurity Settlement with Healthcare Company

January 16, 2024 By Kim Peretti, Alysa Austin and Andrew Rice

On January 5, 2024, the New York Attorney General’s Office (“NY AG”) announced a settlement with Refuah Health Center, Inc. (“Refuah”) based on the company’s alleged failures to appropriately safeguard its patients’ information, including failing to encrypt patient information or use multifactor authentication, which allegedly resulted in a May 2021 ransomware attack that impacted approximately […]

CPPA Publishes Revised Cybersecurity Audit Regulations in Advance of Board Meeting

November 27, 2023 By Lance Taubin, Kristen Bartolotta and Santi Villar

On December 8, 2023, the California Privacy Protection Agency (CPPA) will hold a board meeting seeking public comment on various privacy regulations. The meeting, which will take place on Zoom, will cover several topics listed in its published agenda. The New CPRA Rules Subcommittee will provide an update and present on the Draft Regulations on […]

NYDFS Releases Significant Enhancements to its Cybersecurity Regulation in the Proposed Second Amendment

November 18, 2022 By Kim Peretti, Kate Hanniford, Ashley Miller and Lance Taubin

The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022. DFS issued a minor amendment on April 2, 2020, revising the certification of compliance date (from February to April). The Proposed Second Amendment follows DFS’s “pre-proposed” draft […]