Skip to Main Content
Services Talent Knowledge
Site Search


June 6, 2024

Kevin Szczepanski and Renato Smith Interviewed for Buffalo Business First Article on How to Respond to a Cyberattack

Kevin Szczepanski and Renato Smith, co-chairs of Barclay Damon’s Data Security & Technology Practice Area, were interviewed for the Buffalo Business First article “Beyond the Breach: How WNY Companies Reacted to Cyber Attacks” about Barclay Damon’s experience with a cyberattack and the importance of sharing information and staying vigilant. 

In January 2023, Barclay Damon experienced a cyberattack via a phishing email that appeared to be legitimate. The firm uses Microsoft Sentinel, which detected the suspicious activity early on, allowing the firm’s IT team to begin the process of solving the issue. The firm carried out its incident response plan and investigated the email account that was impacted.

“Then, we had to review the contents of that entire account to determine whether it contained any protected information of any particular individuals,” Kevin said. “It looked like the threat actor wasn’t after the protected information, but that he was fishing around for other contacts inside our law firm to create more phishing attacks on other people. What we found was there was no indication that the threat actor had actually reviewed any of this information in the email account, but we couldn’t completely rule it out.”  

Despite no client suffering harm from the event, Barclay Damon erred on the side of caution and notified any affected individuals and reported the incident to federal regulatory agencies. As a result of this experience, the firm increased its use of multifactor authentication, employee training, and test phishing emails to identify gaps in employee training. 

While all these steps are helpful, they don’t guarantee that a cyberattack won’t happen. Kevin said, “Prevention is the ultimate goal, but practically, that’s probably not doable. So, it’s more about what can we do to reduce risk to the fullest degree possible.” He continued, “If organizations think about these things now and work to develop the most robust cyber hygiene they can, then when this inevitably happens, they’ll have a happy ending.”

Buffalo Business First subscribers can read the full article here.

Featured Media


NYS Department of Health Publishes Amended Proposed Cybersecurity Regulations for Hospitals


FTC Noncompete Rule Survives—For Now


New York Trial Court Finds Uber Is Not Vicariously Liable for Driver's Negligence


ERISA Forfeiture Lawsuits: Navigating the Emerging Legal Landscape


EU Leads the Way on Artificial Intelligence Regulation


End of An Era: SCOTUS Overturns Chevron After 40 Years of Deference to Administrative Agencies

This site uses cookies to give you the best experience possible on our site and in some cases direct advertisements to you based upon your use of our site.

By clicking [I agree], you are agreeing to our use of cookies. For information on what cookies we use and how to manage our use of cookies, please visit our Privacy Statement.

I AgreeOpt-Out