No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
INTRODUCTION - The Protection of Critical Infrastructures (Computer Systems) Bill (the "Bill"), as the first law in Hong Kong to deal with cybersecurity was passed on 19 March 2025, and will come into force on 1 January 2026....more
Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively...more
When the lights stayed on in Kyiv during a wave of missile attacks in early 2024, Ukrainian officials quietly acknowledged a second line of defense that received far less public attention than the nation’s air-defense...more
In today’s always-online world, cyber resilience is a business imperative. For midsize and fast-growing small companies, the stakes have never been higher. The convergence of artificial intelligence (AI), increasingly...more
If you own an electric vehicle, keep an eye on cybersecurity issues that may affect your car and its accessories. You wouldn’t think that an electric vehicle charger could include a vulnerability that allows threat actors to...more
For those who grew up gripping a joystick and dodging alien fire in Defender, riding ostriches through floating platforms in Joust, or crossing a hectic freeway in Frogger, winning wasn’t about memorizing rules; it was about...more
The SafePay ransomware group has been active since fall 2024 and has increased its activity this spring and summer. According to NCC Group, SafePay hit the most victims of any threat actor in May 2025—it is linked to 248...more
Enterprises don’t have a staffing problem. They have a systems problem. In a recent engagement, we were engaged to help improve a global SOC operation. Despite having over 30 analysts on staff, the team was missing...more
Everyone thinks they can spot a phish. Whether it is an email, SMS text, or QRish phishing, people have an overinflated view of their capabilities to detect them....more
SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more
On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more
Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more
Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more
Major U.S. companies targeted by North Korean threat actors disguised as remote IT workers. Multiple individuals responsible for stealing millions of dollars have already been apprehended by U.S. authorities....more
In today's fast-paced digital world, businesses often seek to access a global pool of skilled professionals by turning to remote talent to fill gaps in their IT needs. Although this practice has many advantages, it also...more
Cyber issues are seldom out of the news, from ransomware attacks and espionage to non-malicious outages that cause widespread concern. Organizations need to protect themselves against both current and future risks and...more
ComplexDiscovery Editor’s Note: Sandra Joyce’s keynote at the Tallinn Digital Summit 2024 offers a vital look into the shifting dynamics of the cyber threat landscape. As an annual gathering of leaders from the digitally...more
In late June, the staff of the U.S. Securities and Exchange Commission’s Division of Corporation Finance released five new compliance and disclosure interpretations regarding the disclosure of material cybersecurity incidents...more
The New York Department of Financial Services issued a cybersecurity advisory on November 1, 2024, regarding a growing threat posed by North Korean operatives seeking remote IT roles at U.S. companies. These operatives secure...more
Unit 42 recently reported that it has identified “Jumpy Pisces, a North Korean state-sponsored threat group associated with the Reconnaissance General Bureau of the Korean People’s Army, as a key player in a recent ransomware...more
As the last two years have clearly demonstrated, no organization is immune from cyberattacks. Indeed, numerous studies have reported that a majority of businesses have been impacted by at least one cyberattack over the past...more
Scammers are always looking for new ways to dupe victims. If you battle your weight, you think about it a lot and are always looking for easier ways to lose some pounds. There is no easy way, but we are always looking for an...more
Hong Kong has witnessed a notable surge in cyber breach incidents in recent years. The cyberattacks have affected various organisations across the public, private and non-profit sector. Cybersecurity incidents recorded a...more
In this post in our series on basic cybersecurity concepts for lawyers, we address open-source software (OSS) supply chain risk. OSS is software developed using an “open-source” protocol, meaning that its code is fully...more
On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging...more