This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.
It is hardly news that cyber incidents are front of mind for companies. Whether costly data thefts, pernicious data manipulation attacks, or crippling ransomware or disruptive denial of service attacks, cyberattacks are trending toward greater frequency, severity and sophistication. Geopolitical tensions have further increased the risk. In fact, the New York State Department of Financial Services recently warned its regulated entities to be alert for an increased risk of malicious cyber activity directed at United States industries and government agencies by highly cyber-capable Iranian actors and proxies. The New York Times reports a 41% increase in 2019 in the number of files hacked in ransomware attacks, and notes that according to American authorities, several of these attackers have operated with the protection of their governments and have helped their governments by passing along hacked files.
