No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more
On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more
In May, Santander Bank faced a significant cybersecurity breach that affected millions of its customers and employees worldwide. The hacking group ShinyHunters claimed responsibility for the attack, which also targeted...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
Financial institutions are in a tough spot- caught between the “bad guys” (state-sponsored cyberattacks and cyber criminals) and “good guys” (ever more aggressive regulators)- what’s a bank to do??? Tune in to find out!...more
The Massachusetts State Police Commonwealth Fusion Center (CFC) believes that cyber actors may use the current bank failures for future phishing and business email compromise (BEC) attacks. Cyber actors often use current...more
Banking organizations must notify the appropriate agency within 36 hours of certain computer-security incidents; and banking service providers must notify affected banking organizations as soon as possible in the event of an...more
On November 18, 2021, three US agencies – the Office of the Comptroller of the Currency (OCC), the Federal Reserve Board (FRB) and the Federal Deposit Insurance Corporation (FDIC) – issued a joint rule concerning...more
On November 18, 2021, the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System (FRB), and the Office of the Comptroller of the Currency (OCC) issued a joint final rule (the...more
On November 18, 2021, the Federal Reserve, Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) approved a new final rule regarding reporting of cyber incidents for U.S. banks...more
The Office of the Comptroller of the Currency (OCC), the Federal Reserve Board (FRB), and the Federal Deposit Insurance Company (FDIC), have issued a notice of proposed rulemaking (Proposed Rule) that would require a banking...more
Cybersecurity company Carbon Black recently issued are port of the results of a survey of chief information security officers (CISOs) of financial organizations, which showed that the financial industry is getting hammered by...more
Cybersecurity company Carbon Black recently issued a report of the results of a survey of chief information security officers (CISOs) of financial organizations, which showed that the financial industry is getting hammered by...more
New Year’s is a time to look back on the happenings of the year and focus on the lessons and reminders those events have provided. For our final newsletter of the year, we’d like to share with you our top 10 most read posts...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
We all remember Kronos—the malicious malware that was sold by Russian underground forums in 2014 for $7,000. If you bought it, you were promised updates and development of new modules. ...more
We reported last week that a spyware maker recently compromised users’ and victims’ sensitive information. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its...more
A new ransomware, dubbed “Ryuk,” has surfaced in the last few weeks and is said to be targeting large organizations in the United States. The attackers behind Ryuk have reportedly made more than $640,000 in just two weeks,...more
TCM Bank, a subsidiary of ICBA Bancard Inc., notified some 10,000 credit card applicants in the past week that their names, addresses, dates of birth, and Social Security numbers were compromised between March 2017 and the...more
In a lawsuit against its insurance company requesting reimbursement for close to $2.4 million from two different hacking incidents, National Bank of Blacksburg detailed the intrusions, which are instructive of a sophisticated...more
We previously reported that the FBI has warned consumers about a nasty malware, known as VPNFilter and believed to have been launched by a Russian government hacking group, which is infecting hundreds of thousands of small...more
On April 10, the Federal Financial Institutions Examination Council (FFIEC) members issued a joint statement discussing cyber insurance and its potential role in the risk management programs of financial institutions. ...more
Cybersecurity Task Force Launched in Arizona - Arizona Governor Doug Ducey launched the Arizona Cybersecurity Team (ACT) by Executive Order on March 1, 2018. The ACT is comprised of 22 members representing officials from...more
U.S. Estimates that Cyber Hacks Cost Up to $109 Billion in 20 - The Council for Economic Advisors (CEA) issued a report this month, entitled “The Cost of Malicious Cyber Activity to the U.S. Economy,” which concludes that...more
Lazarus, the well-known hacking group responsible for the WannaCry ransomware attack from last year, as well as the attack on the Bangladesh Central Bank and Sony, is now targeting global financial firms and Bitcoin adopters...more