11.01.2019

The Monthly Ten

By Emily Short

The Monthly Ten

We’re moving from the Weekly Five to the Monthly Ten!

The top ten must-reads of the month

We like to write our own articles, but we think others do it well, too

1. Happy National Cybersecurity Awareness Month! Check out DHS’ 2019 National Cybersecurity Awareness Month Toolkit with cybersecurity information and helpful tips

This article was originally for the month of October, but we still believe it is a great read! October 1st marked the beginning of National Cybersecurity Awareness Month (NCSAM). During October, the government and industry worked together to raise awareness of cybersecurity issues and help promote educational materials. This year, the Department of Homeland Security (DHS)  focused on, “citizen privacy, consumer devices, and eCommerce security.” To assist with NCSAM efforts, the DHS provided a NCSAM 2019 Toolkit with cybersecurity information and helpful tips. Check to out this article to learn more about these helpful tips (JDSupra)

2. Baltimore decides to purchase $20M in cyber insurance following the ransomware attack that crippled its systems this summer

Baltimore, which was the victim of a widely publicized ransomware attack earlier this year, is buying $20 million in cyber insurance from Chubb Ltd. and Axa XL. Check out this article to learn more about the specifics of their cyber insurance program (Business Insurance)

3. Wood Ranch Medical has decided to close its doors following a ransomware attack that infected its servers containing electronic medical records

Another healthcare provider has announced it will be permanently closing its doors as a direct result of a ransomware attack. The devastating attack occurred at Wood Ranch Medical in Simi Valley, CA, which recently announced that the practice will permanently close on December 17, 2019. Check out this article to learn about how this attack occurred and what the exact consequences from the attack were (HIPPA Journal)

4. For the first time since 2016, The FBI’s Internet Crime Complaint Center (IC3) posted a warning to U.S. businesses and organizations about ransomware that “health care organizations, industrial companies, and the transportation sector,” are being targeted

Although the attack methodologies continue to evolve, with cyber-criminals doing all they can to avoid detection, the FBI highlights three attack techniques that are being observed. Check out this article to learn more about the three attack techniques cybercriminals are utilizing. (Forbes)

5. Shareholder files securities suit against Capital One following the recent data breach that involved the personal information of over 100 million customers in the U.S. and another 6 million in Canada

In the latest securities class action lawsuit to be filed against a company that has experienced a data breach or other cybersecurity incident, a plaintiff shareholder has filed a securities suit against Capital One in connection with the company’s recent massive data breach. Check out this article to learn more about the details of the lawsuit (D&O Diary)

6. Amazon’s new “smart” products raise a number of privacy concerns, particularly the smart glasses known as “Echo Frames”

In what appears to be a much broader strategy to get its Alexa-powered devices out of the home and into everyday life, Amazon unveiled recently a brand-new product lineup of Amazon Echo devices. Check out this article to learn how these new devices may be blurring the lines between wearable devices and surveillance gear (CPO Magazine)

7. New York recently filed suit against Dunkin’ Donuts alleging they failed to protect customers’ information following breaches that occurred in 2015 and 2018

Dunkin’ Donuts violated state law by not notifying almost 20,000 customers, including more than 2,000 in New York, about cyberattacks on their accounts in 2015 and inadequately warning more than 300,000 customers in 2018 about another attack. Check out this article to learn why The New York Attorney General’s Office filed this lawsuit and how Dunkin’ Donuts responded (Insurance Journal)

8. Cyber-attacks against smart buildings could create havoc especially for those that run mission-critical processes like hospitals or prisons

Smart buildings may be at much greater risk of cyber attacks than originally thought, based on the findings of a new report from global cybersecurity firm Kaspersky. Check out this article to find out more on Kasperky’s report (CPO Magazine)

9. The Senate just passed a bill that authorizes the Department of Homeland Security (DHS) to invest in and develop “incident response teams” to help organizations battle ransomware attacks

The U.S. Senate has approved new legislation aimed at helping government agencies and private-sector companies combat ransomware attacks. The legislation comes as local governments and schools continue to be hit by sophisticated – and in some cases coordinated – ransomware attacks. Check out this article to learn more about the new piece of legislation (ThreatPost)

10. Foreign adversaries are targeting critical infrastructure systems; our cybersecurity standards need to continue to evolve to protect these systems and still let innovation flourish 

It is no secret that foreign adversaries are becoming increasingly aggressive in attempting to infiltrate America’s critical infrastructure systems. At the Federal Energy Regulatory Commission or FERC, we are charged with overseeing the development and enforcement of cybersecurity standards for the nation’s high-voltage transmission system. An important part of these mandatory cybersecurity standards are financial penalties for non-compliance. Check out this article to learn how cybersecurity is evolving (Fortune)

 

Emily consults on risk management and insurance solutions across a variety of industries, with a particular focus on technology, venture capital, and private equity risks. Emily previously worked as a cyber and technology insurance broker at one of the largest international brokers.  Prior to that, Emily was practicing law, focusing on professional liability insurance defense.  In addition to her Juris Doctor, Emily completed the Certified Information Privacy Professional (CIPP/US) designation and the Registered Professional Liability Underwriter (RPLU) designation.  She is licensed to practice law in Kansas and Missouri and has her Kansas insurance license. Connect with Emily on Linked here