Category: Cybersecurity Law
Historic Cybersecurity Act: What You Need to Know about a New Law Affecting U.S. Industries
On March 15, 2022, President Joe Biden signed into law new legislation that will require companies to report data breaches to the U.S. government. Part of the Strengthening American Cybersecurity Act, the new law will impact critical infrastructure operators including financial institutions and other private companies and comes with new obligations surrounding reporting of cybercrimes.
The Influence of COVID-19 on Data Security in Remote Work Environments
While the internet has allowed people to stay connected and continue working from home during the pandemic, it has also presented an opportunity for cybercriminals to take advantage of susceptible remote working setups. Cybercrime has significantly increased since the start of the pandemic, prompting corporations to mitigate the risk of a data breach against an
U.S. Cybersecurity Office Adds Single-Factor Authentication to List of Bad Practices
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added the use of single-factor authentication to their list of Bad Practices. Single-factor authentication is a common low-security method of accessing a computer system. “Single-factor” refers to the verifying of the user’s identity with only one method, typically a username and password. It is considered the lowest
The Do’s and Don’ts of Protecting Yourself Against a Ransomware Attack
Although ransomware is thought to attack high-profile victims like large businesses, hospitals, and police stations, ransomware has become increasingly prevalent in small businesses and home computers. Ransomware is a form of malware that encrypts a computer’s files, rendering the files unusable. The ransomware then holds the files “hostage,” forcing the victim to pay a ransom,
Extra Services Required from Companies with Government Contracts
A recently proposed Illinois law would require companies contracted by the government to provide special software services used to verify that hours billed are “legitimate.” Senate Bill 1326 states that any contract in excess of $100,000 between a contractor and governmental entity, will require all billed hours of work performed on a computer to be
Why Your Business Needs an Incident Response Plan
With businesses storing much of their information online nowadays, cyber-security is of the utmost importance. No matter the size of your business, it is necessary to have an incident response plan in the case of a cyber-security breach. An incident response plan is a document that businesses use to detect, respond to, and resolve issues
Workers Claim Employer Exposed their Personal Data
In yet another troublesome cybersecurity case, employees in Florida have filed a federal case against their employer for inadvertently disclosing their personal information. The company on the hot seat is Lincare Holdings, Inc., a home health care corporation. A human resources employee at the company allegedly divulged workers’ private information when someone pretending to be
Data Breaches: The Unfortunate Highlight of 2017
In 2017 data breaches were one of the most harmful threats to businesses. As discussed in previous articles, a data breach is an event where an individual or a business has its sensitive information exposed. This sensitive information is commonly referred to as Personally Identifiable Information (PII) and includes not just user names and street
Overseas Data May Soon Be Subject to Search
The United States Supreme Court has decided to hear a landmark internet privacy case that will determine whether the U.S. government can demand user-data stored by tech companies abroad, U.S. v. Microsoft. In 2013, federal investigators obtained a warrant for emails and identifying information stored in a Microsoft Outlook account believed to be used for
Illinois Privacy and Cybersecurity Issues
Cybersecurity risks continue to pose threats to an individual’s privacy, as demonstrated by at least two privacy-related hot topic issues in Illinois. The first is the recent Equifax data breach, and the second is the uptick in volume of litigation surrounding the Illinois Biometric Information Privacy Act. First, Equifax disclosed that its data had been