If you are a corporate compliance officer, government relations professional — or serve as legal counsel to someone who is — there is perhaps nothing more important than having access to current...
By Cindy McCracken | LexisNexis UX Research Lead
Six in 10 workers said new business software had frustrated them in the past two years, according to a November 2021 survey published by Gartner, Inc...
By Aba Acquaah
Today’s increased corporate focus on climate change, social justice, diversity and inclusion, and overall employee wellness corresponds with an added company stakeholder push to...
By Timothy Haney
In the aftermath of the 2020 presidential election, corporate legal professionals engaged in months of speculation about how the Biden Administration might bring a different approach...
Litigators are expected to cover every base when developing briefs for a case, so one of the tasks they often undertake is to compare opposing briefs and motions, one argument at a time. This enables them...
It’s no secret that the cyber threat landscape has intensified since spring 2020, when many businesses switched to remote work in rapid fashion—sometimes delaying safeguards. But now, even if you have some cybersecurity protections in place, heightened uncertainty and sophisticated threat actors can increase your company’s cyber risk.
The uptick in cyber threats to large and small companies has involved email phishing schemes, ransomware attacks with large ransom demands, fraudulent wire transfers and help desk scams. How can you keep threats to your network, data and business in check?
Drawing on insights shared by technical and legal leaders from Kroll and BakerHostetler, this article highlights three ways to help you enhance data protection and mitigate risk.
Your IT department and security team are often at odds. The primary focus for IT may be making sure a technology implementation will work, while security focuses on potential vulnerabilities. Both perspectives are important, and decision‑makers need to manage the dynamic.
Layering the following technical controls in your network makes it much harder for an intruder to enter.
Concerned about the possibility of a data breach or ransomware attack, many companies already have at least some of the components listed above in place, but layering them is key to combating today’s threats. Said Andreas Kaltsounis, partner at BakerHostetler, “We’ve been talking about multifactor authentication for years, but now we’re driving home that you’ve got to have multifactor identification on VPN or remote desktop connections to potentially prevent an enterprise-crippling event.”
In a ransomware situation, engage your crisis response team and, if applicable, your cybersecurity consultant. Kaltsounis also said it’s always a good plan to contact law enforcement to find out about potential connections to sanctioned parties.
Companies must perform due diligence in order to really know, or attempt to know, who they are considering paying. If your company doesn’t already have procedures in place for OFAC diligence and clearance, Kaltsounis recommends adopting a robust diligence process now and documenting it so that if questions come up later, you can demonstrate the process you used.
Relevant law enforcement to contact can include the FBI, the Secret Service, the Department of Homeland Security (DHS) or a state law enforcement agency. Kaltsounis noted that not only does the FBI take incident reports, investigate, try to find the people involved and bring charges against them, but they also may be able to share intelligence with victim organizations to help them understand who is attacking, what techniques they are using and possibly what details can help organizations kick the attackers out of the network.
“Over the past decade, the FBI has gotten very good at working with victim organizations in a non-threatening, non-confrontational way,” said Kaltsounis. “Our feeling is that in almost every case, there are far more benefits to engaging with law enforcement than not engaging with them. With the recent OFAC advisory, I think it’s even more important.”
This article is presented by LexisNexis on behalf of the author. The opinions may not represent the opinions of LexisNexis. This document is for educational purposes only and does not guarantee the functionality or features of LexisNexis products identified. LexisNexis does not warrant this document is complete or error-free.
About LexisNexis® Legal & Professional LexisNexis Legal & Professional is a leading global provider of legal, regulatory and business information and analytics that help customers increase productivity, improve decision-making and outcomes, and advance the rule of law around the world. As a digital pioneer, the company was the first to bring legal and business information online with its Lexis® and Nexis® services. LexisNexis Legal & Professional, which serves customers in more than 150 countries with 10,600 employees worldwide, is part of RELX, a global provider of information-based analytics and decision tools for professional and business customers.