No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Thomas v. Corbyn Restaurant Dev. Corp., 111 Cal. App. 5th 439 (2025) - The parties involved in this personal injury lawsuit settled the case for $475,000. An unknown third-party purporting to be plaintiff’s counsel sent...more
Each month, we publish a roundup of the most important SEC enforcement developments for busy in-house lawyers and compliance professionals. This month we examine: • Fraud and internal control failure charges against...more
The SEC is continuing its campaign to overhaul cybersecurity, cyber incident reporting, and privacy controls and requirements for financial services industry registrants, their service providers, and corporate America...more
Regulatory Developments - Agencies Issue Joint Proposal to Strengthen and Modernize CRA Regs - On May 5, the FDIC, the FRB and the OCC issued a joint Notice of Proposed Rulemaking (NPR) to “strengthen and modernize” the...more
On April 20, HaystackID shared an educational webcast developed to discuss best practices for handling big data and provide tangible field-experienced methods for data remediation. These best practices can be implemented at...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed rules to include certain significant market participants as “dealers” or “government securities dealers” to essentially eliminate the trader exclusion...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed a new rule to increase market transparency regarding short selling and extended the comment period for its proposed rule requiring reporting on...more
The regular “Weekly Update” email from the Financial Industry Regulatory Authority (“FINRA”) had an eye-catching warning February 16, urging broker-dealer member firms to heed the “Shields Up” cyber threat warning from the...more
In This Issue. The Federal Deposit Insurance Corporation (FDIC) is seeking information and comment regarding the FDIC’s supervisory approach to examinations during the pandemic; the FDIC’s tech lab, FIDTECH, announced a “tech...more
On March 4, FINRA issued a Regulatory Notice warning member firms not to fall for phishing scam preying on compliance fears. The scam uses a phony email address, supports@finra-online.com, demanding an immediate response to...more
Employers in the financial services sector are facing an unprecedented number of cybersecurity attacks during the pandemic crisis. To put this in perspective, the Financial Industry Regulatory Authority (FINRA) has issued...more
Phishing FINRA - October is cyber-security awareness month, so it’s only appropriate that FINRA started it with another Regulatory Notice warning member firms to beware of a false-survey phishing scheme. The Notice warns...more
US regulators are calling attention to financial firms’ obligations to protect against evolving cybersecurity threats. On October 2, 2019, the Financial Industry Regulatory Authority (FINRA) issued an information notice to...more
FINRA issued their 2019 Report on Examination Findings and Observations ahead of prior years’ reports. FINRA Changes Approach in Communicating Exam Results - This most recent report, issued on October 16, 2019, starts by...more
On December 20, 2018, the Financial Industry Regulatory Authority (FINRA) issued a “Report on Selected Cybersecurity Practices” (the “Report”) as part of its ongoing efforts to assist broker-dealer firms in developing...more
Adding insult to injury, the Securities and Exchange Commission (SEC) fined Voya Financial Advisors Inc. (VFA) $1 million and ordered a comprehensive two-year review by a compliance consultant, following a cyber-attack on...more
Health Care Organizations Saw an 89% Increase in Ransomware in 2017 - Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the...more
In an environment where even the largest and most powerful corporations have fallen victim to data breaches, it can be challenging to fathom how to protect against the sophisticated and ever-evolving threat of cyber attacks....more
On August 11, 2015, the SEC announced that it was bringing fraud charges against 32 defendants for their alleged participation in a five-year, international hacking and insider trading scheme. According to the SEC, two...more
I haven’t yet turned to a life of crime, so far be it from me to criticize actual criminals’ profit-maximizing strategies. It’s easy for me to nitpick, but I’m not the one strapping on my mask and trying to earn a...more
I. Cybersecurity; Its Importance and Relevance – How We Got to Where We Are Today - In the past few months, the White House, Home Depot, JP Morgan, Hard Rock Hotels, Tesla, the St. Louis Federal Reserve, the Internal...more
FINRA recently issued a Report on Cybersecurity Practices (“Report”), growing out of its targeted examination of firms last year. To issue the Report, FINRA gave careful consideration to the needs of many broker-dealers for...more
On February 3, 2015, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released a Risk Alert (the “2015 Risk Alert”) with summary observations from its recently...more
On February 3, the Financial Industry Regulatory Authority (“FINRA”) issued two publications concerning cybersecurity risks at financial firms. The Report on Cybersecurity Practices presents the results of FINRA’s 2014...more
Twin reports provide a roadmap to best practices. U.S. financial markets and participants, much like other segments of the U.S. economy, are prime targets for technological hacks, intrusions, and breaches that can occur...more