Business Cyber Risk
Analyzing the Global Impact of Cybersecurity, Law, and Business Risk
Business Cyber Risk

StopRansomware.gov – the U.S. Government’s One-Stop Resource for Ransomware

The U.S. Government has launched a new resource to help combat the ransomware pandemic. Below is the relevant information it has shared: The U.S. Government launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that gives one central location for ransomware resources…

Read More

Ransomware! What is it and how do you better protect against it?

Just as one pandemic — COVID-19 — seems to be winding down, another — THE RANSOMWARE PANDEMIC — is now wreaking havoc on our society with full force. Critical Information You Need to Help Better Protect Your Practice and Your Clients From Ransomware, my article in the July 2021 Texas Bar Journal, attempts to provide…

Read More

Reimagining Cyber Podcast: So You’ve Been Hacked, Now What?

I was a guest recently on the Reimagining Security Podcast and recorded the episode “So you’ve been hacked, now what?” Here is a link to a detailed and informative blog post about the episode and the actual episode.   As detailed in the blog post, we covered these key topics and a few more: reasonable cybersecurity…

Read More

Kaseya Ransomware Attack – Yet Another Lesson in Humility and the Need for Resilience Preparation

In the Kaseya ransomware attack the REvil threat actor group achieved exponential reach by compromising a tool that managed service providers (MSPs) use to manage their customers networks to encrypt the networks of those companies that were customers of the MSPs. Current estimates are that around 60 of Kaseya’s MSP customers were compromised and that…

Read More

URGENT – Kaseya MSP Management Software Used to Drop Ransomware Encryptor

This is an urgent alert from my friends at SpearTip: Kaseya VSA Users Under Ransomware Attack *More information will be added to this article as our engineers investigate* SpearTip’s engineers have become aware of an urgent ransomware incident in progress affecting Kaseya VSA. The only way to prevent breaches is to block Kaseya VSA whether…

Read More

Ransomware Payments May Be Tax-Deductible

[T]he U.S. government also offers a little-noticed incentive for those who do pay: If you pay a ransom, it may be tax deductible. The Internal Revenue Sservice offers no formal guidance on ransomware payments, but multiple tax experts interviewed by the Associated Press said deductions of ransomeware payments as a cost of doing business are…

Read More

Podcast: #DtSR Episode 449 – TPA Tuma on A Watershed Moment for US Cyber

I was a guest recently on the Down the Security Rabbithole Podcast with Raf Los and James Jardine for episode 449 titled TPA Tuma on A Watershed Moment for US Cyber.  It is always fun to join the #DtSR Podcast and this time was no disappointment! In Episode 449 we discuss legal proceedings and what could…

Read More

MFA Could Have Prevented the Ransomware Attack on Colonial Pipeline, According to its CEO

On June 8, 2021, Colonial Pipeline CEO Joseph Blount testified to a U.S. Senate committee about the recent ransomware attack on the company. While most of the attention to his testimony has been focused on the propriety of paying the roughly $4.4 million ransom payment to the DarkSide hacking group, I believe there is a…

Read More
%d