Among the many developments in data privacy regulation that took place over the past year, new requirements relating to employee personal information in California and New York have deservedly received a lot of attention. Meanwhile, ongoing risks arising under older laws—such as the massive verdict in the first jury trial of a claim under the … Continue Reading
Every year, BakerHostetler collects and analyzes various metrics about the incident response matters we handle. In 2022, we handled over 1,160 incidents. The most striking trends we saw across those incidents were an overall increase in the average ransom demands and payments, as well as an increase in recovery times in certain sectors. We also … Continue Reading
Our 2022 Data Security Incident Response Report discussed the increased regulatory scrutiny of cybersecurity incidents and defenses following a year of high-profile and damaging cyberattacks, including the Russia-based SolarWinds espionage campaign and the Colonial Pipeline ransomware attack. This article summarizes several U.S. government actions aiming to improve the nation’s cybersecurity and the government’s ability to … Continue Reading
Vendor-caused incidents continued to surge in 2021. Nearly 20 percent of the total incidents we handled last year were caused by vendors, with more than half requiring notification. As in prior years, vendor incidents involved phishing schemes and inadvertent disclosures but primarily resulted from ransomware attacks on the vendors’ systems. These ransomware attacks often involved … Continue Reading
The 2021 edition of BakerHostetler’s annual Data Security Incident Response Report – a report based on the firm’s experience with data security incident response and litigation over the past year – features a number of important insights previously covered on this blog including trends in global breach notification, healthcare industry risks and ransomware. The Report is … Continue Reading
The 2021 edition of BakerHostetler’s annual Data Security Incident Response Report highlights some regulatory enforcement trends we saw from the European Union (EU) data protection authorities (DPAs) during the past year. EU DPA enforcement actions increased significantly in 2020, as DPAs followed up on personal data breach notices and individual complaints and also launched investigations … Continue Reading
Our 2021 Data Security Incident Response Report discussed the challenges that organizations are facing with forensic investigations and ransomware recovery in the work-from-home world. Some of the greatest difficulties our clients encountered in the past year involved key components of incident response — communicating with employees, resetting remote user passwords, and deploying endpoint detection and … Continue Reading
Our 2021 Data Security Incident Response Report (DSIR) described ransomware as a scourge. There are stories every day about new threat actor groups and their victims. There are task forces, law enforcement initiatives, discussions by legislators about laws to help address the problem, and real-world impact from operational disruption (such as panic-buying of gas). Most … Continue Reading
Welcome to our seventh Data Security Incident Response Report (DSIR). It has been quite a year from many perspectives. Thank you to everyone we have continued to partner and work with to create this report. We are excited to soon launch a new digital platform version, and we intend to update this version throughout the … Continue Reading
HIPAA-covered entity and business associate breaches continue to draw attention from the Office for Civil Rights (OCR) and other regulators. In almost every HIPAA incident we handled in 2019 involving more than 500 individuals, OCR issued a data request. While OCR investigations can be burdensome, few of them result in penalties. State attorneys general have … Continue Reading
Ransomware is among the most common and persistent threats faced by organizations of all sizes. In 2019, the ransomware threat landscape worsened in several significant ways: (1) average demands increased more than tenfold; (2) all industry segments saw increases in attack frequency, with stark increases seen by education and government entities; and (3) several threat … Continue Reading
Organizations are under tremendous pressure to be agile and resilient. A key part of building a mature cybersecurity posture to enable the goals of the organization is conducting ongoing risk assessments and then implementing risk-prioritized measures. Organizations contact us during this process to ask what emerging threats to guard against. Our answer always includes a … Continue Reading
We are excited to present our sixth Data Security Incident Response Report (DSIR). We hope this issue finds you safe and healthy while working from home (WFH). Each year, we talk about last year’s trends and where we think the current year is taking us. Ransomware was, and continues to be, a big issue. We … Continue Reading
Financial institutions that are subject to the Gramm-Leach-Bliley Act (GLBA) can find practical tips that address their unique data security challenges in the 2019 Data Security Incident Report (DSIR). It appears that money remains a strong motivating force for many threat actors. According to the 2019 report, finance and insurance remain among the sectors … Continue Reading
There is always significant negotiation around caps on liability when negotiating a contract with a technology vendor. If the vendor will have access to the personal information of its customers’ end users (regardless of whether the end users are employees or customers), the treatment of caps on liability takes on heightened importance. In fact, limitations of … Continue Reading
A Growing Menace: 2018 saw a continuation of companies moving toward cloud-based email systems. Phishing incidents targeting those systems followed suit. Fully one-third of incidents addressed by our incident response team in 2018 involved unauthorized access to an online email account. Phishing attacks continued to dominate the types of cyberattacks organizations experienced in 2018, owed, … Continue Reading
When the EU General Data Protection Regulation (GDPR) took effect on May 25, 2018, it dramatically changed the way multinationals manage the reporting of personal data breaches. It also substantially raised the stakes: Entities found to have violated the GDPR’s data security and breach reporting obligations could face much steeper regulatory fines than those available … Continue Reading
We are excited to release the fifth edition of our annual Data Security Incident Response Report. This year’s report provides metrics from the 750+ potential incidents our team led clients through in 2018, as well as “Take Action” segments that feature insights from our team on key response items. Because it is our Report’s fifth … Continue Reading
Axioms are common in the privacy and security space. One that has been popping up with more frequency is “privacy and security is an enterprise risk that requires an enterprise-wide effort to appropriately address.” It is easy to say, hard to execute and absolutely necessary.… Continue Reading
One of the most important metrics in our report is the incident response (IR) timeline, which tracks the average time it takes companies to detect, contain, fully investigate, and provide notification of the incident to individuals. The metric is valuable because it helps entities identify areas where they can improve before an incident occurs and … Continue Reading
On April 18, 2018, the Canadian government published long-awaited Breach of Security Safeguards Regulations specifying the requirements for notifying the Office of the Privacy Commissioner and affected individuals of data breaches that pose a “real risk of significant harm.” The Regulations will come into force on November 1. As we previously reported, the Digital Privacy Act, … Continue Reading
A company’s ability to quickly and effectively conduct a forensic investigation is often critical to limiting the impacts of a data security incident, determining the scope of the incident and developing an effective communications plan. In BakerHostetler’s 2018 Data Security Incident Response Report, we analyzed over 560 data security incidents that we worked on in … Continue Reading
If you work at a typical company, employee actions and inadvertent disclosures present the greatest threat to the security of your data. Therefore, providing proper training and technical safeguards is one of the most important means to enhance your company’s security profile. In BakerHostetler’s newly-released 2018 Data Security Incident Response Report, we assisted our clients … Continue Reading
In our 2018 Data Security Incident Report, “Building Cyber Resilience: Compromise Response Intelligence in Action,” we identify and analyze the most important trends and takeaways from the more than 560 incidents we handled last year. These incidents affected nearly every industry and impacted anywhere from a single individual to millions of people. Our report distills … Continue Reading