NIBA Features Article on Ransomware During COVID and Proactive Cyber Hygiene: Authored by Braden Perry

NIBA Features Article on Ransomware During COVID and Proactive Cyber Hygiene: Authored by Braden Perry

NIBA features article by Braden Perry on ransomware during COVID and proactive cyber hygiene as part of cybersecurity awareness month.

Earlier this year, the COVID-19 pandemic caused businesses to rapidly deploy a remote workforce, which created new challenges for financial firms, but also an opportunity for hackers to gain access to IT systems and sensitive information.

“Among the most dangerous cyber threats is ransomware, malware that encrypts user or system files. The cyber actor then demands a ransom to restore the data through the use of a decryption key. These attacks have escalated since the pandemic began and continue to rise among financial institutions through remote desktop protocol (RDP) vulnerabilities. These attacks have occurred with varying levels of debilitating damage, from affecting various systems to complete shutdown, with the cyber actors generally threatening to release victim data publicly, in addition to leaving systems locked if ransom demands are not met.”

To read this article in full:

About Kennyhertz Perry’s Privacy, Cybersecurity, and Breach Management Practice Group

Kennyhertz Perry assists clients with data security needs, blending traditional legal experience in the corporate and litigation arenas with technical acumen.

We assist clients in prevention, developing robust information security programs, including administering internal compliance and risk assessments, which include the development and implementation of corporate policies and procedures required for compliance with state and federal privacy and security laws, and information security best practices; information security policies; records retention and management policies.

In addition to prevention, Kennyhertz Perry can prepare security incidence response procedures, identify, assess, contain, and mitigate privacy and security breaches, and work with law enforcement to assist in the investigation of the incident. Businesses that are the victims of cyber attacks also must determine when and how to cooperate with government agencies during the investigation of an attack, and how best to do so. The lawyers in our privacy and cybersecurity practice, as well as members of our Government Enforcement practice group, have deep experience, from both government and private practice, in this area, and help companies navigate the often complicated interactions with government agencies, and can provide both counseling and representation where the threat of prosecution may arise.

Kennyhertz Perry also assists with IT resiliency understanding and engaging at the top management and board level. Traditionally, IT has been misunderstood, and management would not understand the role and responsibility of IT departments. Kennyhertz Perry bridges this gap at all level. At the Board level, directors not only need to be sophisticated with business issues, but they also need to be versed in today’s cyber and IT. Translating an understanding of the importance of a proactive IT security policy, and feeling like the company is “on board” with IT security efforts. Many companies have very robust policies and procedures for their business processes, which sophisticated Board members can understand. IT is different. It’s a different language for a business person, and unfortunately, most Board members will ignore or defer on issues they don’t understand. So when an IT department presents a robust plan for proactive IT security, it may go ignored or disregarded. This can lead to a reactive plan only that focuses on the “when” as opposed to prevention. IT is a different language. We serve as Board IT/cybersecurity liaison to be the “go-between” and translate the IT language into business and vice versa.

To learn more about Kennyhertz Perry, LLC, please visit

*The choice of a lawyer is an important decision and should not be based solely upon advertisements.