Cyber Security Resource Center
Cyber Security Resource Center
“Shared Defense is not a choice, but an imperative.”
– J. Chris Inglis, U.S. National Cyber Director
Over the last year, the risk of cybersecurity incidents has grown for governments, companies, non-profits, and other organizations, as the data we store and the devices with access to such data have reached new heights, and as bad actors have proliferated and grown more sophisticated. The risks that organizations face have increased as their IT environments have become more complex and reliant on the software and systems of third-party vendors, who themselves may experience incidents affecting customer data. The war in Ukraine and economic sanctions against Russia have complicated the regulatory landscape as more individuals, groups, and infrastructure are added to global sanctions lists. Cyberattacks have shut down operations across school districts and at colleges, challenged hospitals in their handling of patient information, and triggered disinformation and misinformation about the security of our election systems.
We work with clients to help them be aware of critical cyber risks, prepare for incidents, and take steps to reduce the likelihood and impact of a potentially damaging compromise. We have served as lead counsel on some of the highest profile ransomware attacks and other breaches of recent years, coordinating all response components, including responding to regulatory inquiries and investigations, defending clients in multi-jurisdiction litigation, engaging on public and customer relations issues, advising on contractual obligations and remedies, and working with forensic investigators, credit monitoring firms, and crises communications professionals to provide an integrated, cost-effective, and seamless response to data security incidents.
In addition to data loss, these incidents raise significant business and legal risks, including damage to brand and reputation, disruption of business operations, and triggering of contractual and regulatory obligations. We have helped Fortune 500 companies and other leading companies respond to dozens of significant ransomware incidents and have experience with wide-ranging ransomware variants including BlackCat/ALPHV, LockBit, Conti, Ryuk, REvil/Sodinokibi, WastedLocker, Maze, MegaCortex, Nephilim, SunCrypt, and Harma.
Morrison Foerster is uniquely positioned to provide insights into and counsel on all facets of cyberattack preparedness and response. Our market-leading global Privacy + Data Security team has decades of collective experience helping clients navigate these and other pressing issues. Visit our new Privacy + Data Security Litigation practice page to learn how our team can help your company with potential litigation arising from a breach.
The Biden Administration’s National Cybersecurity Strategy Calls for a Shift Toward More Cybersecurity Regulation
The National Cybersecurity Strategy details the Biden administration’s efforts to bolster the nation’s cybersecurity amid an evolving threat landscape.
Cybersecurity Month: Privacy Tips You Can Use
We want to make sure that you are as secure as a MoFo in your online digital life, so our team of global associates in the Privacy + Data Security Groupn have recorded a series of quick tips on what you can do now to keep your personal data safe.
Cybersecurity Awareness Month Resource Guide - 2022
Review the latest MoFo and governmental insights on how to protect yourself from cyberattacks and the steps you should take in their aftermath.
Staying Ahead of Cryptocurrency Hacks and Legal Risks
Learn how crypto businesses can understand and stay ahead of security threats and legal risks facing the industry.
Should Ransomware Payments Be Banned? A Few Considerations
Alex Iftimie talks about the possible repercussions of such legislation and, in general, about the evolving nature of ransomware attacks and the current global efforts aimed at fighting the ransomware threats.
NYDFS Considering Significant Updates to Its Cybersecurity Rule
The New York Department of Financial Services recently released new draft amendments to its controversial cybersecurity rule that would include significant changes.
China PIPL: Data Export Regime Starts to Take Form
After more than nine months since the PIPL came into effect, three new regulatory developments will provide guidance on the administrative procedures and detailed rules to implement the cross border transfer rules.
Cybersecurity Is a Male-Dominated Field, but Cybersecurity Law Doesn’t Have to Be
Miriam Wugmeister spoke to LegalTech News about the gender imbalance in cybersecurity, and whether this will translate to cybersecurity law.
Ransomware and the Healthcare Industry
Nathan Reilly, Kate Driscoll, and Melissa Crespo authored an article for Compliance Today discussing the impact of ransomware attacks on healthcare organizations.