Showing 9 posts by Taylor A. Gast.
Recently, international travelers have noticed US Customs and Border Protection agents with increased interest in searching cell phones, laptops, and other portable technology. Employers should be aware that this trend increases the risk that an unauthorized individual will access sensitive company information, which could result in an inadvertent data breach.
Some international travelers have been asked by border agents to unlock cell phones or provide a password needed to unlock the device. One report included a customs agent threatening to seize a travelers' phone if he did not unlock his cellphone. Employers are rightfully concerned that these searches may allow unauthorized individuals to access sensitive company information. Read More ›
In 2016 Lansing, MI's Board of Water and Light fell victim to a cyber-attack that resulted in $2.4 million in costs, including a $25,000 ransom paid to the perpetrators. In the aftermath of the breach, BWL announced that it was filing for a $1.9 million insurance claim under its cyber insurance policy, including $2 million in covered losses, less a $10,000 deductible.
There is a lot at stake for businesses when it comes to cyber-crime, which is why more and more businesses are investigating and purchasing cyber insurance to hedge against the risks associated with cyber security and data privacy. Read More ›
No matter how carefully, thoughtfully and diligently a company works to prevent it, data breaches happen. Company management, IT teams and outside consultants can do everything right and still end up dealing with a breach. That means that knowing how to best respond when (not if) a breach happens should be part of every company’s data protection strategy.
We recommend that every company assemble a security breach team, consisting of individuals inside and outside of the organization who possess different skill sets. This may include technology officers, as well as staff from IT, human resources, communications, legal departments, outside counsel, and outside vendors. The composition of the team will depend on the type and size of the organization, but each member should be in a position and have skills that enable the organization to quickly and properly respond to an incident. The team must also be equipped, authorized and empowered to evaluate and immediately react to an incident once it has occurred. Read More ›
We recently wrote about how a Cyberattack on Lansing, Michigan's Board of Water and Light ("BWL") resulted in costs nearing $2 million for technical support and equipment upgrades. In fact, BWL's total costs have now stretched to $2.4 million, including a $25,000 ransom paid to the attackers. These facts underscore that the costs of such attacks can be enormous, especially when ransomware is involved. Read More ›
A recent decision by the U.S. Court of Appeals for the Sixth Circuit (the “Sixth Circuit”) may make it easier for plaintiffs to bring costly lawsuits against companies that allow sensitive data to fall into the wrong hands. Most troubling from a company's perspective, the Sixth Circuit used language that some states legally require in data breach notification letters to justify allowing the case to move forward. Read more about this case here.
It sounds like something out of a Hollywood screenplay: foreign hackers, possibly from Russia, induce an unsuspecting employee of a major utility company to click on an email attachment that is infected with malware, enabling the hackers to cripple the utility’s computer systems unless a ransom is paid. Unfortunately, this story is fact, not fiction. Read More ›
Employers Should Audit and Update Employment-Related Policies and Agreements in Light of New “Defend Trade Secrets Act”
President Obama recently signed the Defend Trade Secrets Act (the “Act”) into law. The Act creates a new cause of action - which became effective immediately - for trade secret misappropriation.
Prior to the Act, civil claims for trade secret misappropriation were primarily governed by state law. The Act creates federal jurisdiction for claims brought under the Act, which provides plaintiffs with the option to sue in federal court. Read More ›
On June 21, 2016, the Federal Aviation Administration (“FAA”) released its much-awaited operational rules for drones. We have been tracking these rules for the last year. The biggest change from the proposed rules to final rules is that the final rules eliminate the need for commercial drone operators to obtain a manned aircraft pilot's license. Instead, drone operators will have to pass a knowledge test for unmanned aircraft. The test will be administered at FAA approved testing centers nationwide. Read More ›
One of this year's hottest gifts now comes with a registration requirement according to newly-released Federal Aviation Administration regulations.
On December 14, 2015 the FAA announced that drone owners must register with the FAA before their drone's first outdoor flight. The registration requirement applies to drones that weigh between 0.55 and 55 pounds. Noncommercial users may register through a new web-based system while commercial users must submit a paper application at this time. The $5 registration fee will be waived between December 21, 2015 and January 20, 2016, and all drones must be registered by February 19, 2016. The FAA will provide users with identification numbers which must be marked on any drones that a registered user flies. Read More ›