Welcome to the Research Assistant Weekly Newsletter - a subscriber-only resource for insight into emerging compliance challenges, details on peer calls, and links to new Research Assistant reports, documents, tools, and more.

Sponsored by TCN

This might be a little different from our usual compliance weekly newsletter, but we wanted to take a moment to talk about Cybersecurity, and how global events, even if they seem far away, can impact all of us. 

Last week the Cybersecurity and Infrastructure Security Agency (CISA) sent an email urging organizations to maintain a stance of increased cyber vigilance as we approached the first anniversary of Russia’s 2022 invasion of Ukraine. Like me, you probably saw this anniversary in the news headlines and didn’t think too much about how this war could affect your business. Every time there is a world conflict, hackers launch a multitude of cyber-attacks aimed at US businesses. Especially those that maintain consumer data.

CISA has identified that the United States and European nations would experience disruptive and defacement attacks against websites to sow chaos and societal discord. Somewhere someone’s organization was crippled. They might not even be aware of it yet.

CISA offers a website called Shields Up (https://www.cisa.gov/shields-up), which includes guidance on cyber vigilance.

Per CISA, increasing organizational vigilance can be basic things such as:

• Security training including identifying phishing attempts.

• Implementing cybersecurity best practices (Multi-factor Authentication, Data Encryption)

• Increasing resilience (Strong Recovery Plan, Robust Network)

• Having a rapid response plan with your team having designated roles

Do these items look familiar to you? They should because they overlay directly with many of the FTC Safeguards. As cybersecurity attacks become a weaponized response to heightened geopolitical tensions, they are not only designed to grab data for the dark web, but they are also designed to sow chaos and harm in our organizations.

On February 17, 2023, the FBI announced that it is investigating a hack of its computer network. This follows a 2020 Russian cyber hacking of other federal networks and a 2015 Chinese hacking of the Office of Personnel Management (OPM). The hacking threat from these two countries can’t be overstated. According to the U.S. Intelligence Community’s 2021 Annual Threat Assessment, “China can launch cyber-attacks that, at a minimum, can cause localized, temporary disruptions to critical infrastructure within the United States,” while Russia “continues to target critical infrastructure, including underwater cables and industrial control systems, in the United States and in allied and partner countries.”

We are painfully aware of the way these conflicts and cyber-attacks cause us to spend more money on things as a response to the strain we’ve endured on disrupted supply chains. But most of us tend to forget the identified direct threat to our organizations as a response to world conflict and events. The other side of the world is so far away, or is it? Pay attention to the world because it is only a click away.

Top Reads:

• SCOTUS Agrees to Decide Whether CFPB’s Funding Is Unconstitutional but Will Not Hear Case Until Next Term

• FTC Issues Annual ECOA Report to CFPB

• Michigan Federal Court Finds Conflicting Records Concerning Request to Remove Disputed Debt Status Creates Issue of Fact in FDCPA Case

Upcoming Webinars/ Other Announcements:

• Research Assistant sponsor Provana has a new resource page just for Research Assistant members. Check out the new Provana resources and check in for special offers right here. 

• Reminder: Send any topics or questions that you want to discuss to sara@insidearm.com by Thursday to ensure it makes it on our agenda!