Author: Jay Brudz

Jay is a partner in the firm's Government & Regulatory Affairs group. Read Jay's full bio on the Faegre Drinker website.

Discerning Data Cyber Vulnerability Alert: Four Emerging Cyber Threats

Share

According to several recent media reports, malicious cyber actors have begun to utilize four new types of cyberattacks as part of their current destructive repertoire. The website www.databreachtoday.com noted that these new attacks are “significantly reshaping the threat landscape that CISOs have to deal with.”

These four new emerging cyberattacks are identified as:

  1. Defensive Evasion;
  2. Triple Extortion;
  3. Wiper Malware; and
  4. Accelerated Exploit Chain.

Continue reading “Discerning Data Cyber Vulnerability Alert: Four Emerging Cyber Threats”

Global Ransomware Attack: What Your Organization Needs to Know Now

Share

The WannaCry cyberattack on Friday, May 12, 2017 was the largest international ransomware attack to date.

Victims of the attack range in size—from Fortune 500 to small/medium-sized businesses—and industry—from academic institutions to large banks, health care providers and transportation networks. The U.K.’s health care regulatory agency, the National Health Service (NHS), was a major target. The attack’s devastating scale in exploiting data security vulnerabilities is a good reminder of how critical it is for health care organizations to conduct comprehensive security assessments immediately and regularly.

We took a close look at the WannaCry ransomware incident and have some tips for what organizations need to know to minimize their risk in this article.

Proposed Changes to the NIST Cybersecurity Framework

Share

The National Institute of Standards and Technology (NIST) issued an update to its Framework for Improving Critical Infrastructure Cybersecurity on January 10, 2017. The updated draft Version 1.1 was issued after NIST’s review of considerable public and private-sector feedback on Version 1.0.

The updated five Framework Core Functions remain the same as the previous iteration: Identify, Protect, Detect, Respond and Recover. Version 1.1 now includes enhanced categories, subcategories and guidance, including cyber supply chain risk management, safer information sharing, cybersecurity measurement and stronger measures for device authentication.

The updated draft includes improvements but is intended to remain a voluntary cyber risk management tool that organizations can customize.

Read our overview of the updates and insights on some of the highlights.

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy