Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
Former FBI Executive and Cybersecurity Leader Herbert Stapleton Joins Dinsmore’s National Corporate Practice
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
The One Big Beautiful Bill Act (“OBBBA”) (Publ. Law 119-21), enacted in July 2025, is a sweeping piece of legislation that addresses many issues. Among them, it allocates $1 billion over four years to boost U.S. offensive...more
The federal Cybersecurity and Infrastructure Security Agency (CISA) released a draft of its proposed rule detailing how covered entities operating in critical infrastructure sectors report cyberattacks and ransomware payments...more
Efforts to Address the Lack of Federal Data Privacy Legislation in the U.S. Have Continued - The need for federal data privacy legislation was reiterated in the House Energy and Commerce Committee’s Subcommittee on...more
Iowa becomes the fourth U.S. state to provide an affirmative defense for companies that adopt a cybersecurity framework - Iowa is the fourth state—following Ohio, Connecticut, and Utah—to provide a statutory incentive for...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
In May 2021, Colonial Pipeline, a privately held oil pipeline responsible for nearly half of the oil supply for the U.S. East Coast, was crippled by a DarkSide ransomware attack. DarkSide is widely believed to be a...more
Takeaway: President Biden recently signed into law the “Federal Rotation Cyber Workforce Program Act” and the “State and Local Government Cybersecurity Act”. With these new laws, the Biden Administration is attempting to...more
Companies should take steps now to prepare for the new rules and expectations. The US government continues to expand regulatory requirements around notification and disclosure of major cyberattacks or incidents. ...more
In the wake of Russia’s invasion of Ukraine, and amid growing concerns regarding the threat of increased cyberattacks targeting infrastructure and other critical industries, there has been a flurry of federal activity to...more
Cybersecurity has emerged as a tangible risk for transportation service providers over the course of the last year. Ransomware attacks on domestic industry and critical infrastructure, and tensions associated with the Russian...more
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (the Act) as part of the Consolidated Appropriations Act of 2022. The Act requires "critical sector" entities to...more
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the "Act"), creating new requirements for organizations operating in critical infrastructure sectors to...more
The past year’s trends in privacy and cybersecurity are set to intensify in 2022, with heightened threats, increased regulations, and elevated expectations - as well as new opportunities. To navigate the year ahead, we lay...more
Report on Patient Privacy 21 no. 9 (September, 2021) - As ransomware attacks become epidemic and breaches get larger, the Biden administration is partnering with private industry to bolster security and education in an...more
Cyberattacks on organizations with large consumer databases have been on the rise recently. This is certainly true for the insurance industry, which also has been migrating more business to online platforms in an effort to...more
Connecticut has become the third state to enact a cybersecurity safe harbor statute. On June 16 and July 6, 2021, Connecticut Governor Ned Lamont signed two new cybersecurity laws that continue the national trend of...more
Colonial Pipeline shut down 5,500 miles of its East Coast pipeline on May 7, 2021, in an effort to contain a security breach resulting from a ransomware attack. Colonial’s pipeline is one of the nation’s largest and carries...more
Cybersecurity was undoubtably on the forefront of the agenda for many organizations in 2020 – and 2021 should be no different. The rapid shift to remote work over the past year has led to an increased number of cybersecurity...more
Delaware (July 31, 2019) and New Hampshire (August 2, 2019) have become the latest states to add to the insurance cybersecurity landscape by enacting information security laws. These laws come on the heels of Connecticut’s...more
On July 26, 2019, Connecticut Governor Ned Lamont signed into the law the state’s new Insurance Data Security Law, which imposes new information security, risk management, and reporting requirements for carriers, producers,...more
On July 25, 2019, New York Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act”), making key changes to New York’s data breach notification and cybersecurity laws....more
Over the past six months, a significant number of states have amended their data breach notification statutes. Specifically, thirteen states have amended their statutes to: (1) require notice to the State Attorney General,...more
In November, Tyler wrote about insurance issues raised by both the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act, which goes into effect on January 1, 2020. California’s...more
This week the Securities and Exchange Commission (SEC) issued an investigative report that outlined cyber incidents that nine public companies had experienced, causing fraudulent losses totaling more than $100 million. The...more
Late last month, California Governor Jerry Brown signed the first US Internet of Things (IoT) cybersecurity legislation: Senate Bill 327 and Assembly Bill 1906. ...more