Description
Cyberattacks are becoming more common each day, protect yourself and your company from online attacks and threats.
Business information systems are under constant attack from malicious hackers who attempt to monetize data through theft and extortion. Businesses that fall victim to these attacks may suffer the loss of data, money, and productivity. They may also incur liability through thirdparty claims and fines and penalties from regulators. This topic, presented by a former federal cyber attorney whose team manages responses to over 2,000 data breaches annually, will provide administrative professionals with unique insight into online threats to businesses so that they can better understand and manage the risk. It will review trends in the regulatory environment to provide an understanding of the various notification obligations that may arise from a data security incident and the sense of urgency needed for compliance with them. It will also review several measures to help administrative professionals prepare for and respond to data security incidents to protect their businesses from financial and reputational harm.
Date: 2023-01-26 Start Time: 1:00 PM ET End Time: 2:05 PM ET
Learning Objectives
Trends in Online Malicious Activity
Full-Scale Extortionate Criminal Business Models
• Business Development
• Research and Development
• Marketing and Communications
• Accounts Receivable/Collections
Effective Execution of Attacks
• Thorough, Persistent, Patient Reconnaissance
• High-Value Targets: Managed Service Providers, Critical Supply Chain Providers
• Expertise With Multiple Attack Vectors
• Customized Malware and Legitimate Applications Used for Malicious Purposes
Sophisticated Attacks
• Extortionate Encryption/Exfiltration Attacks
• Extortionate Email Compromises
• Email Compromise
The Dark Web
• Hosting Services
• Anti-Virus Services
• Digital Payment Services
Trends in the State and Federal Regulatory Environments
• Expansion of the Definition of Personal Information
• Expansion of Imposition of Time Limits Within Which Consumer and Regulatory Notification Must Be Provided
• Expansion of Assessments on Businesses to Fund State Operations Budgets
Review of the Financial Implications of a Data Breach to Explain the Economic Risks of a Data Breach
• First-Party Costs
• Third-Party Costs
• Remediation Costs
• Fines and Penalties
Best Practices in Preparing for and Responding to Data Security Incidents
• Ransomware Attacks and Business Email Compromises
• Incident Response Planning and Table
• Third-Party Contract Review to Reduce Liability
• Resources Available Through Cyber Insurance Policy
• Develop Preventive Cybersecurity Measures
• Develop Comprehensive Data Backup and Restoration System
• Establish a Culture of Security
ASAP PACE ,IAAP ,Additional credit may be available upon request. Contact Lorman at 866-352-9540 for further information.
Sean B. Hoar-Lewis Brisbois Bisgaard & Smith LLP
