February Cyber update from the Office of Rob Kleeger
Feb 01, 2022 2:16 pm
,
I hope this email finds you and your loved one's safe, secure, and healthy.
All the best,
Rob Kleeger
1010101001010111010101100010100101010010101
Words of Wisdom:
“Always look to learn. Learning something new is a great feeling. The feeling of progress.” – Conor McGregor
CURRENT DATA SECURITY NEWS:
Ransomware attack forces US Steel Company into Bankruptcy
United Structures of America, Inc. (USA) and Green Head LLC have recently filed for bankruptcy. They had over 450 employees and at its peak, annual revenues of $100,000,000.00. In mid-2019, hackers remotely installed ransomware in USA’s computer network and destroyed all of the information on USA’s servers, computers, and computerized machinery. Many of these devices were not only wiped out but rendered unusable by the ransomware.
Exposed records exceeded 40 billion in 2021
According to research by Tenable, at least 40,417,167,937 records were exposed worldwide in 2021, calculated by the analysis of 1,825 breach data incidents publicly disclosed between November 2020 and October 2021. This is a considerable increase in the same period in 2020, which saw 730 publicly disclosed events with just over 22 billion records exposed.
In addition, The Identity Theft Resource Center has released its 2021 Data Breach Annual Report, which you can download by filling out a form. The most striking statistic is that data compromises in 2021 were up 68% over 2020
1010101001010111010101100010100101010010101
CURRENT LEGAL CASE UPDATES:
Advanced Fluid Systems, Inc. v. Huber
(958 F.3d 168, 175–76 (3d Cir. 2020)
The Third Circuit recently ruled on a precedential case involving federal and state law, including principally trade secret misappropriation claims under the Pennsylvania Uniform Trade Secrets Act (PUTSA). The Third Circuit held that Advanced Fluid Systems (AFS) had standing to assert trade secret misappropriation claims under Pennsylvania law even though they did not have contractual possession of the Trade Secrets themselves. Specifically, the Third Circuit reasoned that AFS had “adequately alleged lawful possession of the relevant trade secrets and that ownership, in the traditional sense, is not a prerequisite to a trade secret misappropriation claim.” The Court, in their decision of AFS, relied heavily on the Fourth Circuit’s reasoning in DTM Research, L.L.C. v. AT&T Corp, 245 F.3d 327 (4th Cir. 2001)(involving Maryland’s version of the Uniform Trade Secret Act).
OSI Systems, Inc. v. KM-Logix LLC et al
(1:20-cv-01577 | Virginia Eastern District Court)
When OSI Systems, Inc., a government contractor, alleged that a competitor misappropriated trade secrets to create a copycat website, but had no evidence that the defendant directly shared trade secrets or acquired trade secrets through improper means. The federal district court in Virginia granted Defendants, KM-Logix LLC and three individuals, a motion for summary judgment for trade secrets misappropriation, unjust enrichment, conversion, and breach of contract.
Law firms came ‘dangerously close’ to losing almost a quarter of their associates in 2021, new report says
Call it the great resignation or whatever you want... I know that i've had many conversations with Law Firms of all sizes. Many face problems of recruiting and retaining legal and other professional staff which may prove to be one of the biggest post-COVID-19 challenges law firms face in 2022. The reality is associate turnover rates are hitting record-high levels according to the 2022 Report issued by the Center on Ethics and the Legal Profession at the Georgetown University Law Center and the Thomson Reuters Institute. The report on the State of the Legal Market: A Challenging Road to Recovery is available here.
Finra Arb Panel Orders Firm to Pay $900K Over 'Raid' of Reps
Growth Capital Securities, a registered broker-dealer specializing in private securities, was ordered by Finra to pay Intellivest Securities more than $900,000 in an arbitrated dispute over the employee and client-poaching, according to an agency filing.
1010101001010111010101100010100101010010101
CYBER SECURITY TIPS OF THE MONTH:
Imagine a bank type vault holding your most valued company and/or personal assets protected by a multi-million dollar security system. Can you sleep comfortably if you knew that anyone can penetrate the lock by punching in “12345” on a keypad lock?
Of course you wouldn’t. Yet people and companies often put themselves in a similar position through poor cybersecurity hygiene that leaves their assets vulnerable to attackers (aka hackers).
Some simple tips :
- Invest in a Password Manager - NOT YOUR INTERNET BROWSER!
- Turn on MFA (2FA) on everything - Seriously - Everything!
- Educate Often...In-Person; Train and enforce Online
- Backup - What data do you need restored first?
- Insure - If you don't have cyber insurance or even if you do, not having the above will either prevent or negate your existing policy!
1010101001010111010101100010100101010010101
Don't Forget About Us:
Digital4nx Group, Ltd., a boutique firm that focuses on helping business leaders protect their “crown jewels” through reasonable, defensible, and cost-effective services... Before, During, and After a Data Incident!
Digital4nx Group provides a blend of legal and technology services to Lawyers, Business Owners, IT Professionals, Financial Executives, Trusted Advisors, and Human Resource and Compliance leaders who need a reliable partner to systematically identify, preserve, extract, analyze, and interpret digital evidence.
Our services are commonly used to:
- React and respond by providing litigation support services for plaintiffs or defendants, as well as providing expert testimony and consulting, both in and out of court.
- Proactively identify and provide insights on how to better secure your network and your confidential data
Cyber Security Services
Cyber incidents can be damaging to an organization, both in the short and long term. Digital4nx Group helps business leaders protect their “crown jewels” through reasonable, defensible, and cost-effective services... Before, During, and After a Data Incident! We offer a multi-disciplined approach to cyber services such as:
- Advanced “Ethical Hacking”
- Cyber Risk and Compliance Assessments
- Incident Response to Cyber Incidents or Data Breaches
- Cyber Security Awareness Training
- CISO-as-a-service