Photo of Kristin Hardy

Kristin focuses on trademark clearance, trademark prosecution and enforcement, trademark litigation, copyrights, data privacy, and various IP infringement matters, as well as WIPO UDRP matters.

Ransomware – a demand for a monetary payment to regain access to one’s data or network – continues to rock the charts as cyber criminals’ go-to, get-rich-quick scheme. As we know, the pandemic spurred the work-from-home or hybrid movement that likely will continue for years to come. With more and more employees working from home, more data is being shared remotely, leaving the door open for missed or inadequate computer and technology security. Phishing and fraud schemes and social engineering methods used to demand ransom are particularly attractive as they target and take advantage of the number one security risk – a company’s people.
Continue Reading Multi-Factor Authentication: The New Norm for Cyber Insurance Coverage

Quite often, business data can be characterized as intellectual property. But you want to share your data with the world, or maybe just customers or clients. This can be tricky. Improper, premature, or unlawful disclosure of certain intellectual property can be damaging and detrimental to your business. So, how do you protect it?

As you have read here on Privacy and Data Security Insights, data privacy is concerned with properly handling one’s personal data – ensuring you get consent, provide notice, and meet applicable regulatory obligations. Another concern should be whether or how data is shared with third parties. However, it is essential to remember that some data, depending on the content, may be considered and protected as intellectual property.
Continue Reading The Intersection of Data & Intellectual Property: You Want to Share it, but How do You Protect it?

You might think your run-of-the-mill privacy and cybersecurity training is sufficient. You might think that by “checking the box” on generic training you have fulfilled your duty and obligation to mitigate data privacy and cybersecurity attacks. You might think that general malware protection adequately secures your company’s data and you can move on with your everyday business efforts without concern.

Think again.
Continue Reading Think Again on Cybersecurity Training – Human Error Continues to Drive Numbers on Cybersecurity Attacks

You may have heard of a security vulnerability from December 2021 called Log4j that allows attackers to remotely gain control of a vulnerable device. You may also think this is old news and no longer an issue.  Wrong. According to an April 26, 2022 report from researchers at the cybersecurity company Rezilion, there are currently over 90,000 vulnerable internet-facing applications and more than 68,000 servers that are still publicly exposed. That’s right – four months after the vulnerability was disclosed, a majority of affected open-source components remain unpatched and companies continue to use vulnerable versions of this tool. So, what is it anyways and do you need to take any action to mitigate the risk?
Continue Reading Apache Log4j Security Vulnerability Is STILL a Problem – What is it, Who Does it Impact, and Should I do Anything About It?

On October 8, 2021, President Biden signed the bipartisan K-12 Cybersecurity Act of 2021 (the “Act”) in response to K-12 educational institutions facing cyber-attacks across the United States. The types of cyber incidents targeting K-12 information systems include denial of service, phishing, ransomware and malware, and other unauthorized disclosures of personal information.

While the Act itself does not detail specific requirements for K-12 educational institutions, it seeks to address the increasing risk of cybersecurity incidents by authorizing the director of the Cybersecurity and Infrastructure Security Agency (CISA) to conduct a study on the specific cybersecurity risks currently facing K-12 educational institutions. The director has 120 days from the enactment of the Act to complete the study. The director will then have an additional 60 days to issue recommendations that include cybersecurity guidelines to assist K-12 educational institutions in responding to the cybersecurity threats described in the director’s study. In conjunction with cybersecurity recommendations, CISA will be developing an online training toolkit to educate school officials about the recommendations and to help ease the implementation of the recommendations by providing strategies for officials to take such action.
Continue Reading K-12 Cybersecurity Act: Federal Government Seeks to Improve Security for America’s Educational Institutions

As we all prepare for what will undoubtedly be an unconventional holiday season, many of us are turning to our computers to check off items on our shopping list instead of bundling up to head to the mall. Online shoppers around the nation have already made the strongest showing in history with $10.8 billion in sales on Cyber Monday alone, which amounts to a 15.1% increase from last year, while foot traffic in brick and mortar stores was down 42.3% for Black Friday weekend. With the recent spikes in COVID-19 cases around the country, staying home and having those packages delivered right to your door step might seem like the safest way to go, but cyber criminals are pouncing at the online shopping frenzy to steal consumers’ personal and financial information.

This increased threat has been a common thread throughout 2020, as we saw cyber criminals amp up their tactics during the early days of the coronavirus crisis and when Americans received their CARES Act stimulus checks. Indeed, the bad guys are not taking a break because of COVID-19.  The FBI reports that cybercrimes are up an astonishing 400% this year. Now it is more important than ever to understand how these criminals operate and how you can avoid falling victim to these crimes so that you can keep your celebrations holly and jolly.
Continue Reading ‘Tis the Season…for Scams and Cybersecurity Threats