Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
Former FBI Executive and Cybersecurity Leader Herbert Stapleton Joins Dinsmore’s National Corporate Practice
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
Continuing its controversial and aggressive approaches to cybersecurity, the U.S. Securities and Exchange Commission (SEC) recently charged four current and former public companies for purportedly “materially misleading...more
As the last two years have clearly demonstrated, no organization is immune from cyberattacks. Indeed, numerous studies have reported that a majority of businesses have been impacted by at least one cyberattack over the past...more
More than a decade ago, I expressed concern about the Securities and Exchange Commission's predilection for targeting victims of crimes. That concern related to an enforcement action against a company that had been...more
The SEC recently issued an order and settlement against a company from a pair of cyberattacks in which millions of dollars of client funds were stolen. While the company was able to recover a portion of the funds and...more
A New York federal district judge handed down a significant decision dismissing much of the SEC's securities fraud enforcement action against SolarWinds arising from its claims relating to SolarWinds' cybersecurity policies,...more
AT&T Inc. announced in a July 12, 2024, SEC filing that hackers stole a cache of six months’ worth of mobile phone customer data, illegally downloading the records from a workspace account at the cloud-service provider...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
Cybersecurity compliance, governance, and disclosure practices have evolved significantly over the past decade. As we have noted in prior blog posts, the U.S. Securities and Exchange Commission is requiring cybersecurity...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more
Prepare your organization to stay one step ahead in the ongoing battle against cyber and IT risk management. As organizations increasingly leverage third-party services and cloud technologies, cybercriminals are becoming...more
The Most Significant Developments in Cybersecurity and Cyber-Related Liability Risks - As we reflect upon 2023, it will unfortunately be remembered as a record-breaking year for ransomware and cybercrime....more
Companies are increasingly choosing not to pay ransom for ransomware and extortionware due to the growing associated risks. In fact, a recent report by crypto-crime analyst firm Chainalysis found that payments to threat...more
Hello and welcome to the inaugural edition of Troutman Pepper’s Cyber Capsule. The Cyber Capsule gathers noteworthy news from the prior month and groups them here. You might be asking yourself why am I receiving this? Well,...more
When US President Joe Biden signed the Infrastructure Investment and Jobs Act (IIJA) into law on November 15, 2021, $2 billion was allocated to strengthen the nation’s cyber defenses. With this heightened focus on cyber risk...more
Late 2021 and early 2022 have been full of federal government activity related to cybersecurity incident reporting. Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 to require mandatory...more
In a few short weeks, the global loss attributable to cybercrime is expected to surpass $6 trillion.* Therefore, in an effort to protect financial institutions and consumers from further loss, agencies including the United...more
Ransomware attacks are on the rise. Lax security measures, which have become more acute in the work-from-home environment, continue to be exploited. Companies' systems are hacked into, their data is encrypted, and they face...more
The U.S. Securities and Exchange Commission (“SEC”) recently identified cyberthreats as an enforcement priority (see 2021 Examination Priorities). Within months of the Commission’s announcement, the Commission brought three...more
The SolarWinds cyber-attack was devastating in scope and impact. If any lesson can be learned from this event, the SolarWinds case presents all the pitfalls, enforcement and reputational damage, rolled into one tragic series...more
Sabre Corporation, the travel technology company, agreed to pay $2.4 million as a settlement with twenty-seven (27) State Attorneys General for a 2017 data breach involving hotel booking services....more
Ransomware is a Serious and Growing Problem - In recent years, Ransomware has evolved from merely encrypting files/disabling networks in solicitation of ransom, to sophisticated attacks that often involve actual data...more
On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting the recent uptick in “credential stuffing” cyber-attacks against SEC-registered investment advisors...more
On Feb. 22, 2018, the Securities and Exchange Commission (SEC) issued its first interpretive guidance since October 2011 on public companies’ cybersecurity risk and incident disclosure obligations. ...more