The U.S. Securities and Exchange Commission (“SEC”) recently identified cyberthreats as an enforcement priority (see 2021 Examination Priorities).  Within months of the Commission’s announcement, the Commission brought three enforcement actions* which resulted in sanctions against eight investment advisory firms who failed to report cyber related attacks, failed to adopt,  or failed to implement proper cybersecurity policies in
Continue Reading A Cybersecurity Wake Up Call: SEC Sanctions Eight Firms for Cybersecurity Deficiencies

The need to input a username and password when logging into a computer is a “single factor” authentication. But, from a security perspective, that single factor authentication only goes so far. Consider, for example, the ramifications if a hacker steals or guesses your username and password. What information could be compromised?

For law firms, cybercrime and data breaches have become
Continue Reading The Invaluable Benefits of Multi-Factor Authentication

In the span of a few short months, the number of phishing attacks targeting smartphones as the entry point to enterprise networks has risen by more than a third.  Indeed, one cybersecurity company found a 37% increase in mobile phishing attacks worldwide between November 2019 and early 2020.*

As previous blog posts have observed,** phishing emails have long
Continue Reading Rise of Mobile Phishing Scams

Smart speakers – like Google Home and Amazon Echo – have changed the way our homes/offices function.  Indeed, these voice-activated speakers execute simple commands provided by voice or smartphone application.  With nothing more than a question, one can direct the smart speaker to, among other things, play music and podcasts, provide a weather forecast, or set an alarm.

The technology
Continue Reading Hey Google: Are You Alone?

With much of the American workforce (and educational systems) working remotely, reliance upon videoconferencing software for workplace and educational collaboration has increased significantly. One of the more widely embraced platforms during the pandemic is Zoom Video Communications, Inc. (“Zoom”). According to the New York Times, around 600,000 people downloaded the Zoom application on March 15, 2020. And, for anyone
Continue Reading Opportunist Hackers “Zoom-Bombing” and Infiltrating Videoconferences Amid Coronavirus Pandemic

As the coronavirus (“COVID-19”) causes countless companies and employers to implement remote working environments, millions of Americans will be working from home.  It is, therefore, critically important to remain vigilant about cybersecurity best practices.

As observed in recent news alerts, cybersecurity threats, perpetuated by opportunistic cyber-criminals preying on a vulnerable virtual workforce, are on the rise.   In fact, hackers around
Continue Reading Cyber Threats on the Rise During COVID-19 Pandemic

As we become increasingly reliant upon our phones, we make ourselves more vulnerable to cyberattacks.  Indeed, Experian’s 2020 edition of its annual Data Breach Industry Forecast details five predictions for data breach trends, including three that are likely to impact the smartphone user.*

One of Experian’s predictions is that cyber criminals will move to “smishing” attacks.  What the heck
Continue Reading Industry Forecast for Data Breaches 2020: What All Smartphone Users Should Know

Cybersecurity remains a real concern for businesses and individuals alike.  We are reminded of this by a recent Department of Homeland Security (“DHS”) warning wherein the DHS indicates there will likely be an increase in cyber threats due to heightened tensions with Iran.  In addition to advising that we should be prepared for increased phishing attacks, the DHS also recommended
Continue Reading The Department of Homeland Security Reminds us of the Importance of Cybersecurity

In my search for ESI-centric information that would pique my readers’ interest, I came across an interesting article/blog about digital privacy written by Thorin Klosowski, in which he details seven (i.e., one per day) simple ways to secure your digital life.*  Because I found the plan easy to implement and steeped in wisdom, I decided to share Klowoski’s recommendations.  While
Continue Reading Seven Simple (Cyber) Security Suggestions for September

As mentioned in my last blog post, there are data breach notification laws on the books in 48 states, including New York.  On July 25, Governor Cuomo signed into law Senate Bill 5575, the “Stop Hacks and Improve Electronic Data Security Act” (the SHIELD Act), which had passed the Legislature on June 17, 2019.

The SHIELD Act amends New
Continue Reading What is New York’s Data Breach Notification Statute? And Does it Impact Me?