On March 5, 2020, the University of South Carolina School of Law will host the 2nd annual National Cybersecurity Legal Institute in Columbia, South Carolina. In partnership with the Federal Bureau of Investigation, the School of Law's Cybersecurity Legal Task Force and national experts will raise awareness about the dangerous ransomware threat landscape and discuss best practices for preventing and responding to the ransomware threat vector.
“Ransomware attacks are becoming more sophisticated and clearly pose as an escalating threat for the foreseeable future,” task force director Karen Painter Randall explains. “Ransomware has a devastating impact on all organizations, causing a loss of sensitive information, disruption to operations, financial loss and harm to an organization’s reputation. Simply put, ransomware can put you out of business.”
Any organization that possesses important data stored on their computer or network is at risk and a primary target for a ransomware attack. According to malware lab, Emsisoft, attacks on government agencies, educational establishments, and healthcare providers increased sharply in 2019 — affecting at least 966 organizations — and resulted in billions of dollars of damage.
In these industry sectors particularly, attacks threatened the health, safety and lives of hundreds of thousands of people who depended upon these services.
- Emergency medical services became unavailable causing emergency room patients to be redirected to other hospitals; critical digitized medical records could not be accessed by physicians for treatment causing them to resort to paper records.
- Sensitive school and student information was accessed and exfiltrated resulting in costly notification.
- The State of Louisiana declared a state of emergency twice due to ransomware attacks on its school districts, city hall etc. Police department systems were encrypted resulting in a disruption of services and lost evidence.
“The fact that there were no confirmed ransomware-related deaths in 2019 is simply due to good luck, and that luck may not continue into 2020,” said Fabian Wosar, Emisoft’s chief technology officer, in a post on the company’s blog. “Governments and the health and education sectors must do better.”
Of course, ransomware is not isolated to these sectors. Companies and law firms of all sizes have gone out of business because of a successful attack.
The provenance of ransomware attacks is not new. What is new is the hackers’ level of sophistication and innovative approach to this threat vector. These attacks also are caused by a lack of cybersecurity preparedness.
The Institute’s mission is to shed light on the rapidly evolving threat landscape, the impact of ransomware attacks on an organization and strategies behind successfully navigating a response to an attack. Some of the important issues to be explored at the Institute include:
- Defining and identifying ransomware
- How a ransomware attack occurs
- Response options to a ransomware attack
- The legal implications of paying or not paying the ransom
- The types of insurance available to cover the cost of a ransomware attack
- Best practices for preventing a ransomware attack including a discussion on Cybersecurity and Infrastructure Security Agency's new ransomware resources
Who Should Attend?
- In-House Counsel
- Chief Information Security Officers
- Risk Managers
- Financial Institution Leadership
- Educational Institutions Leadership
- State and Local Government Leadership
- Healthcare Sector
- Insurance Brokers and Carriers
The Institute has been approved for 5.83 hours of CLE credit.
Tickets to the Institute are available online at https://uofsclaw.us/2020Cyber for $250. Government and non-profit employees can purchase tickets for a discounted price of $150. University of South Carolina faculty, staff and students who register with their sc.edu email address are admitted free of charge.
The University of South Carolina School of Law is located at 1525 Senate Street in Columbia, South Carolina. For more information about the Institute, contact firstname.lastname@example.org.