cybersecurity

HHS Publishes Roadmap of New Strategy for Cybersecurity in the Healthcare Sector

By Ryan P. Blaney, Michael Menconi & Matthew J. Westbrook on December 8, 2023

The U.S. Department of Health and Human Services (HHS) recently issued a strategy paper highlighting key aspects of its plan to revamp cybersecurity requirements in the healthcare industry. Citing a 93% increase in large data breaches in healthcare from 2018 to 2022 and a rapid increase in ransomware attacks against…

SEC Revisits Regulation S-P After Twenty Years of Innovation to Information Technology

By Nolan Goldberg, Ryan P. Blaney, Robert E. Plaze, Robert Pommer, Robert Sutton & Mark S. Audet on April 4, 2023

On March 15, 2023, the U.S. Securities and Exchange Commission (“SEC”) released its proposal to amend Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information (the “Proposed Amendments”), while simultaneously issuing two additional cybersecurity-related rule proposals and re-opening the comment period for its previously proposed cybersecurity risk management…

2022 Trends in Privacy and Data Security Law

By Jonathan Mollod & Jeffrey Neuburger on March 16, 2023

As the National Security Agency (NSA) noted in its 2022 cybersecurity yearly review, “[c]yberspace is dangerous.”

Reports of sophisticated cyberattacks and ransomware threats were prevalent in the past year. The government, manufacturers, and others further developed standards for securing digital infrastructure like 5G, cloud services, cryptography, internet protocols, and…

Held to Ransom: How Cyberattacks Can Become a Legal and Regulatory Odyssey for a Private Investment Fund

By Ryan P. Blaney, Margaret A. Dale, Dorothy Murray, Todd J. Ohlms & Jonathan M. Weiss on September 22, 2022

Where business-critical information or platforms are at stake, many commercial parties will seriously consider immediately paying the ransom hoping to regain control of operations, secure client data and avoid continued business disruption and negative publicity. However, businesses may wish to pause. Cyberattacks, by their very nature, know no borders and…

DOJ’s Civil Cyber-Fraud Initiative Secures More Than $9 Million in Two False Claims Act Settlements for Alleged Cybersecurity Violations

By Ryan P. Blaney & Matthew J. Westbrook on July 21, 2022

Last fall, the United States Department of Justice (“DOJ”) launched its Civil Cyber-Fraud Initiative (“CCFI”) as part of its effort to “combat new and emerging cyber threats to the security of sensitive information and critical systems.” Led by the Civil Fraud Section of DOJ’s Commercial Litigation Branch, the CCFI leverages…

Noteworthy Trends in Privacy and Data Security

By Jeffrey Neuburger & Jonathan Mollod on March 9, 2022

Reports of sophisticated cyberattacks and ransomware threats dominated 2021 headlines, along with evolving state data privacy laws in the absence of comprehensive federal data protection regulation. Cross-border data transfers between the EU and US still lack a clear, streamlined mechanism while national authorities continue to negotiate an EU-US Privacy Shield…

“Log4Shell” Vulnerability Has Potential to Compromise Millions of Devices

By Ryan P. Blaney, Will S. Chuchawat & Vincent J. Tennant on December 13, 2021

Cybersecurity experts around the world are scrambling to sound the alarm about a newly discovered security vulnerability that could be used by attackers to easily infiltrate computer systems.

INDEPTH: Data Protection & Privacy Laws 2021

By Ryan P. Blaney & Margaret A. Dale on August 12, 2021

A heightened risk for cyberattacks and data breaches calls for companies to remain diligent as they navigate a patchwork of federal, state, local and sector-specific privacy and data protection laws, regulations and guidance. For Financier Worldwide, Margaret A. Dale and Ryan P. Blaney deliver commentary on the evolving landscape…

Proskauer on Privacy