Electronic Data Security

Shata Stucky writes:

Username and password login fields, online securityThe United States National Institute for Standards and Technology (NIST) has issued new guidelines for creating secure passwords.  NIST guidelines, which are directed to “federal government systems,” often become best practice recommendations across the security industry.

The new guidelines are a significant break from previous rules.  Security experts previously recommended frequent password

Data privacy and securityFox Rothschild partner and firm Chief Privacy Officer Mark G. McCreary sees a trend: Law firms are increasingly recognizing that naming a lawyer to lead data security and privacy efforts is “an essential ingredient in good risk management.”

In an article for Law360 entitled “Notes From A Law Firm Chief Privacy Officer: CPO vs. CISO,”

Cybersecurity positions are increasingly difficult to fill and the long-term prospects for the industry don’t appear to be getting any brighter, Ericka Chickowski warns at the blog DARKReading. More than 25 percent of organizations take six months or longer to fill priority positions, she reports in “Desperately Seeking Security: 6 Skills Most In Demand.”
Continue Reading

Yesterday, a massive ransomware attack now known as “Petya” spread across the globe in a similar fashion to the WannaCry cyberattack in May. In an Alert today, Fox Chief Privacy Officer and Partner Mark McCreary breaks down what we know about the attack, how to address it if your organization falls victim to it, and

With over 123,000 computers infected, experts believe the “WannaCrypt” attacks have stopped after researchers registered a domain that the software checks before encrypting. However, nothing is stopping someone from revising the software to not require that check and releasing it into the wild. In other words, do not expect the infections to stop.
Continue Reading

With tax season in full swing, a different season is impacting businesses across all industries: “phishing season.”

Phishing scams
Copyright: fberti / 123RF Stock Photo

“Phishing” or “spear phishing” refers to cyberattack scams that target certain individuals within an organization with the hope of gaining access to valuable information.

These scams take

On March 15, Fox Rothschild partner Scott Vernick will participate in a panel discussion on Developments in Data Privacy & Security as part of the 2017 Argyle Chief Legal Officer Leadership Forum. The Forum will take place from 8 a.m. to 5 p.m. at the Convene Conference Center at 730 3rd Ave in New York

For the second time in just four months, Yahoo has announced a massive cyberattack. The first attack, which occurred in 2014, set a record with the breach of 500 million user accounts. But the company now believes that twice as many accounts were compromised in a second data breach.

Search engine conceptAn internal investigation at the search

In what may be the largest data breach ever publicly disclosed, Yahoo, disclosed that a 2014 cyberattack breached at least 500 million user accounts. The company said it believes state-sponsored actors were responsible and that the data stolen includes names, email addresses, telephone numbers, dates of birth, and hashed passwords.

Data privacy and securityThe data could also include

The United States and Canada have teamed up to alert both nations of the threat of ransomware, illustrating the harmful impact of these cyberattacks to individuals and organizations all over the world.

The United States Computer Emergency Readiness Team (US-CERT) within the Department of Homeland Security (DHS) and the Canadian Cyber Incident Response Centre (CCIRC)