The scope of WannaCry changed our perceptions of ransomware attacks. Until then, the more highly publicized ransomware incidents were localized targets impacting only one or a small number of businesses. WannaCry made it clear that ransomware could reach a broad cross-section of computers worldwide, at essentially the same time.
This article examines the guidelines published by Board of Governors of the Federal Reserve System on managing outsourcing risk, along with the Office of the Comptroller of the Currency (OCC) 2013 OCC Bulletin 2013-29 and the supplemental Jan. 24, 2017, examination procedures, which are designed to help bank examiners tailor the examinations of national banks and federal savings associations determine the scope of the third-party risk management examination.
While day-to-day maintenance tasks and insider risk protocols are important for long-term protection from different types of cybersecurity threats, it's important to acknowledge that no solution is 100% effective. No matter how much money a firm is currently investing in cybersecurity, the reality is that it only takes one wrong click for a breach to occur.
Encryption can play a vital role in securing data, but it needs to be considered within the context of a firm's overall IT security strategy. Whether, when and how to encrypt requires a careful look at what data the firm keeps, and how much protection it needs. This article explains how encryption can be used to guard against the reputational, financial and legal damage a breach of sensitive data can cause to law firms.
Is Your Firm Truly Prepared?
Cyber attacks and theft are on the rise around the country, and law firms are becoming prime targets. Similar to healthcare providers, a law firm's data can be the gold standard. Unlike manufacturers, banks and retailers, law firms are unique organizations that result in them being highly vulnerable.
The Challenge of Complying
In a bid to assert control over cyberspace, China passed a sweeping cybersecurity law that affects virtually every company doing business in that country. Despite its broad reach and potential for disruption, it appears that very few legal professionals are aware of the law.
Part Two of a Two-Part Article
Astonishing computing power lets health care providers harness vast computing resources to drive their business plans, manage treatment protocols and crunch data to boost their practices. However, unintended consequences arise and, in the case of computers, one such consequence is cyber peril.
A survey of 200 U.S. firms found that many law firms are unprepared for cyber attacks, and it's hurting their standing with clients.
The cloud might seem like “someone else's servers,” but major vendors are sensitive to the business need for security, availability and confidentiality. With sensitive, high-value data like that, cloud providers are keenly aware they need to get security right.
Until May 12, 2017, the more highly publicized ransomware incidents were localized targets impacting only one or a small number of businesses. WannaCry made it clear that ransomware could reach a broad cross-section of computers worldwide, at essentially the same time. There are very few, if any, businesses that can safely say they are not targets for cyber-criminals, because at the very least, businesses have personnel records for their employees.
