Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively...more
The SafePay ransomware group has been active since fall 2024 and has increased its activity this spring and summer. According to NCC Group, SafePay hit the most victims of any threat actor in May 2025—it is linked to 248...more
A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more
SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more
What exactly is data exfiltration, and why should organizations be concerned about it? Data exfiltration is the movement or migration of company-owned trade secrets or intellectual property outside of the enterprise. It...more
Even the strongest IT/DR plans can fail if they aren’t proactive about avoiding these common mistakes. When systems go down, business grinds to a halt. Downtime leads to $9,000 in losses per minute on average, damaged...more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
We live in an era in which information is a valuable commodity. Access to data, ideas, and trade secrets is in high demand, particularly for individuals or companies seeking to profit from this information. One way they gain...more
North Korean IT operatives are infiltrating U.S. and Western companies using stolen or fabricated identities, VPNs, and U.S.-based co-conspirators to gain unauthorized access to corporate systems. These insider threats pose...more
Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more
Balancing Business Continuity and IT Disaster Recovery is crucial for robust organizational resilience. So, how does your organization integrate both strategies for maximum impact?...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
Scammers are always looking for new ways to dupe victims. If you battle your weight, you think about it a lot and are always looking for easier ways to lose some pounds. There is no easy way, but we are always looking for an...more
On this episode of “Don’t Take No for An Answer,” Lynda A. Bennett, Chair of Lowenstein’s Insurance Recovery Group, speaks with David Anderson, Vice President of Cyber at Woodruff Sawyer, about the difference between...more
Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
Everyone thinks they can spot a phishing email. If true, we would not see so many security incidents, data breaches, and ransomware attacks. The statistics are overwhelming that phishing emails are a significant cause of data...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more
Gone are the days where technological solutions were “nice to have” options to provide us with better access to resources and improved process efficiencies. Nowadays, technological solutions – and specifically those that...more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
As applications and use cases for digital assets and their blockchain infrastructure grow and become more sophisticated, investments and valuations for businesses in these areas have grown as well. The growing number of...more
A spate of recent ransomware attacks illustrates the increasingly difficult calculations that businesses face following the theft or encryption of their data....more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more