Cybersecurity Resource Center

“Emerging cyber threats require engagement from the entire American community to create a safer cyber environment—from government and law enforcement to the private sector and, most importantly, members of the public.”

– the Cybersecurity and Infrastructure Security Agency (“CISA”)

There’s no question that the pandemic has increased companies’ vulnerability to cyberattacks. More companies’ employees are working remotely, and thieves are leveraging that change—as well as public fear—to conduct hacking campaigns. Some of the more common attack methods include:

• Business email compromises: Email compromises trick employees into making fraudulent business payments, often by compromising the account of and impersonating a colleague or vendor.
• Malicious apps: People working from home tend to jump among personal and company-owned devices. Meanwhile, more and more fraudulent mobile applications are being added to app stores, where they can be downloaded and compromise users’ devices.
• Videoconference bombing: Because employees have been working remotely and have not been able to meet in person, the use of videoconferences has risen significantly. So too has the disruption of videoconferences with pornographic, hateful, or threatening images and content.
• Scams and fraud targeting individuals: The FBI warns of social media messages, emails, and phone calls that seek to scam people for money, or to phish account access, under the guise of purported COVID-19 testing, financial relief efforts, or medical equipment.

Morrison & Foerster is uniquely positioned to provide insight and counsel on the various facets of cyberattack preparedness and response. Our market-leading Global Privacy + Data Security team has decades of collective experience helping clients navigate these and other pressing issues. Visit our new Privacy + Data Security Litigation practice page to learn how our team can help your company with potential litigation arising from a breach.

PDF

Your Pre-Breach Checklist

Being prepared is the key to being resilient. Follow these 10 steps.

Resource

Are you prepared for a significant breach?

Learn what you need to know to prepare to for a significant breach before it occurs, and the key steps to take in the first 48 hours after a breach.

Resource

Beyond the Breach: Through the Lens of a Litigator

Our “Beyond the Breach” series offers useful insights into what you can do after a data breach to support your organization for the inevitable legal battles ahead.

Podcast

Cyber Space with John Carlin

In this Cyber Space with John Carlin podcast episode, learn about efforts to coordinate cybersecurity policy across the public and the private sectors.

Client Alert

Preserve Privilege and Protect Work Product

A recent court decision departed from courts that have consistently held incident-response reports must be protected from disclosure by either the attorney-client privilege or the attorney work product doctrine.

Article

What Should Boards Think About After a Breach?

It’s about employing systems and processes, not placing blame.

Article

Ransomware – Time for the Government to Act

The only way to stop the cycle is to take the profits away.

Video

The U.S. Is a Soft Target for an Iran Cyberattack

Watch John Carlin’s appearance on CNBC’s The Exchange, where he discusses the cyber threat the U.S. could face from Iran.

Article

Dawn of the Code War

In his new book, John Carlin provides invaluable insights to companies on how the U.S. is fighting back against international cyberattacks.