Blog

The modern security challenges facing law firms are more complex than ever. Regardless of its size, a firm is obligated to follow the data breach laws established in all 50 states, which require disclosure within a reasonable time following a cyber attack. This has forced law firms to take preventative measures to mitigate the risk of a breach by implementing security policies and procedures.

Organizations More Susceptible to Ransomware Attacks During Weekends & Holidays
In a recent survey, 37% of security professionals admitted their organization does not have contingency plans for a prompt response to ransomware attacks during the weekends and holidays. Read Article

The Department of Defense (DoD) has suspended the original cybersecurity certification program pending major changes. On November 4, 2021, the DoD announced the completion of an internal review of its Cybersecurity Maturity Model Certification (CMMC) program and the release of Model 2.0.

Patricia Fisher, President and CEO of JANUS Associates, Inc. is one of the Founding Partners of the Connecticut Technology Council (CTC) and continues on the board in addition to leading the Cyber Security Task Force. Ms. Fisher is also involved in other technology-oriented associations.

Cybercriminals Sell Access to International Shipping, Logistics Giants
The underground is offering initial access brokers with entry to companies key in global supply chains. Read Article
A Russian-based group has masqueraded as a legitimate cyber security consultancy. The Baston Secure company website, logo displayed as BS, hosted and hired multiple jobs for cyber security specialists and offered what appeared to be legitimate cyber security services.

Data breaches, insider threats, loss of client trust—these are all security and privacy threats all organizations face today. Learn more about what action Privacy and Security Professionals are taking today. #PSR21

In coordination with the Cyber Bytes Foundation, GENEDGE is hosting CMMC Industry Day. Join JANUS, industry leaders, and businesses as we gather to share ideas, resources, and best practices for navigating Cybersecurity Maturity Model Certification (CMMC) compliance.

It was reported today that a former executive of a health care provider accessed the Protected Health Information (PHI) of nearly 38,000 Individuals. Conflicting accounts also suggest 3rd party vendor involvement although that has not officially been confirmed.

New Ransomware Encrypts Your Data & Makes Nasty Threats, Too
A group behind the new ransomware variant threatens to go beyond encrypting data in their attempts to force victims to pay up. Read Article

Here are the highlights from this month’s events as we join a growing national effort to spread awareness of cyber security and privacy in an increasingly connected world.

T-Mobile Confirms Data Breach Affects Over 47 Million People
The stolen files include personal info such as names and social security numbers. Read Article

LockBit Ransomware Gang is Now Hiring Corporate Insiders
The group is hiring corporate insiders to infiltrate and encrypt corporate networks. In exchange, these insiders-cum-partners are promised millions of dollars. Read Article

Looking at the cybersecurity headlines from the past few years, we’ve seen significant data breaches happening more frequently and increasing in severity. At the same time, the cost of cyber insurance is rapidly rising, coverage limits are shrinking, and loss exclusions are more so than ever.

The Connecticut (CT) State Legislature has enacted major changes to CT Data Breach Notification Laws, effective October 1, 2021. These changes are a direct result of the worsening threat landscape, and it is safe to say that regulations will most likely continue to be enacted at both the state and federal levels.  

IBM Report: Data-Breach Costs Hit 17-Year High of $4.24M
Data-breach costs jumped nearly 10% from an average of $3.86 million to $4.24 million per incident over the past year. Read Article

U.S. Announces New 2nd Round Cybersecurity Requirements for Critical Pipeline Owners
The Department of Homeland Security on Tuesday required owners and operators of critical pipelines that transport hazardous liquids and natural gas to implement "urgently needed protections against cyber intrusions." Read Article

From January 2020 through May 2021, New York State Department of Financial Services (NYDFS) regulated companies reported in excess of 70 Ransomware attacks ranging from costly shutdowns to disruptions in business operations. Successful Ransomware attacks continue to escalate in total numbers and overall severity, with no sector safe from an attack. Government agencies, companies, educational institutions, and nonprofits are all targets. 

Microsoft's Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability
The fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios.
Read Article

Approximately 66% of hacked organizations expressed uncertainty that they could ever fully recover. Getting hacked or falling prey to Ransomware is a big deal—for you, your business, your customers, and your employees!

CVS Health Faces Data Breach,1B Search Records Exposed
Over 1 billion search records were accidentally posted online in a CVS Health data breach in late March, as reported by an independent cybersecurity researcher. Read Article

Ransomware and hacking is a major problem and effective cyber security is the only way to safeguard your operations and assets. The risk of not taking care of business is losing your business.

If you've been reading the news at all lately, you know that cybersecurity is more important now than ever. After a series of devastating cyber issues, the entire economy was shaken.

Here's what you need to know. The past week has shown how fast attack capabilities can evolve. To follow are key timely events impacting Cyber Security that we here at JANUS Associates believe worthy of your note. For your convenience, we've compiled all articles here where they will also be archived for future reference.

New call-to-action
New call-to-action

Subscribe Here!