Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Key Points - - State AGs nationwide are focusing on initiatives in data privacy, cybersecurity, consumer protection and securities fraud. - Special areas of concern also include AI and online privacy and protections for...more
The SEC continues to leave its mark as a federal cybersecurity enforcer and closed out the year by charging another company with making misleading statements about a cybersecurity attack and failing to maintain cyber-related...more
What do the SolarWinds ruling and other recent developments mean for the future of the SEC’s cyber regulatory program? Will the SEC’s “lack of moderation” result in “violent ends” for its cyber agenda? Or will the current...more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
On October 30, 2023, the Securities and Exchange Commission filed a securities fraud claim in federal court in the Southern District of New York against SolarWinds Corporation as well as its Chief Information Security...more
Recent activity by the New York Department of Financial Services (NYDFS) and the Securities and Exchange Commission (SEC) highlight the continued focus by government regulators on cybersecurity. As these and other regulators...more
You remember the 2020 SolarWinds hack, perhaps one of the worst cyberattacks in history? As NPR described it in 2021, we all regularly receive routine software updates like this one...more
Takeaway: To ensure investor safety and emphasize a commitment to user privacy, corporate executives and similarly-situated high ranking officers must not provide any statements or omissions that affirmatively create a...more
The Fourth Circuit dismissed an investor’s lawsuit against a hotel chain that had been subject to a data breach, ruling that the company had not made false or misleading public statements about its protection of customer...more
FCC Seeks Public Comment on the Current and Future Regulation of the “Internet of Things” - The FCC is requesting public comment in a proceeding that will help determine the scope and nature of regulation of the “Internet of...more
A California federal court has dismissed a putative securities fraud class action alleging that a large title insurer that disclosed a data security incident in May 2019 made false and misleading statements related to its...more
CYBERSECURITY - Urgent Warning of Imminent Threat to Hospitals Issued by U.S. Government - On October 27, 2020, the FBI and the Department of Homeland Security (DHS) warned the health care industry about “an imminent...more
Editors’ Note: This is the first in our start-of-year series examining important trends in white collar law and investigations in the coming year. Up next: a look at trends in health care enforcement. Look for additional...more
In the aftermath of Equifax’s data breach, a federal court recently found that allegations of poor cybersecurity coupled with misleading statements supported a proper cause of action. In its decision, the U.S. District Court...more
The Situation: Despite Equifax's use of a cover story to keep employees from learning it was the victim of a serious data breach, a then-employee allegedly figured it out and made illegal securities trades based on the...more
It’s become almost routine. A public company suffers a data breach at the hands of hackers, its stock price slides and the securities fraud class action lawsuits pile on....more
Earlier this year, the SEC released cybersecurity guidance addressing, among other things, the risk of insider trading in the event of a data breach. This risk comes in multiple forms, including the intruders trading on...more
The Securities Enforcement Forum West 2018 brought together current and former senior U.S. Securities and Exchange Commission and U.S. Department of Justice officials, securities enforcement and white-collar attorneys,...more
Despite focused media coverage and a steady increase in the number of data breaches involving public companies, there has not been a corresponding increase in shareholder securities fraud and shareholder derivative claims...more
On March 14, 2018, the Securities and Exchange Commission (SEC) charged a chief information officer (CIO) for a US business division of Equifax with insider trading in advance of Equifax’s September 2017 disclosure of the...more
On March 2, Yahoo, Inc. (“Yahoo”) filed a proposed settlement in In re Yahoo Inc. Securities Litigation, which was filed in U.S. District Court in San Francisco. ...more
Public companies experiencing data security incidents have been largely successful in defeating derivative actions and securities class actions related to those cyber incidents....more
FBI Issues Flash Alert on Apache Struts Vulnerability - The Apache Struts vulnerability has been mentioned frequently in the media over the past month, as it is believed to have been involved in one of the largest and most...more