No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The DFIR 2025 Threat Report from CyberCX offers a firsthand view of how cyber adversaries adapted and accelerated their tactics in 2024. Covering incidents across Australia, New Zealand, North America, and Europe, the report...more
The construction industry’s reliance on digital data and devices has reshaped the construction process. When used properly, digital technology facilitates collaboration and increases productivity. However, growing dependence...more
On February 19, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued...more
On January 16, 2025, President Joe Biden issued the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” a comprehensive directive designed to address the growing complexity and...more
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more
New York’s Cybersecurity Regulation continues its phased roll-out on November 1, when licensed financial services companies face a host of new requirements aimed at bolstering breach readiness and improving their ability to...more
In December 2021, Suffolk County, New York, experienced a significant cybersecurity breach that culminated in a ransomware attack in September 2022. The attack went undetected for months, allowing the attackers to install...more
Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
The New York State Department of Financial Services (NYDFS) adopted comprehensive amendments to its cybersecurity regulation on Nov. 1, 2023. The amended regulation, including the notification provisions of §500.17, goes into...more
Cybersecurity is critically important in the age of remote work. With more people working from home and accessing company systems and data remotely, the potential for cyberattacks and data breaches has increased...more
Every year, BakerHostetler collects and analyzes various metrics about the incident response matters we handle. In 2022, we handled over 1,160 incidents. The most striking trends we saw across those incidents were an overall...more
Ransomware has become a major threat to businesses across the world as cyber-attacks are becoming increasingly sophisticated, resulting in devastating financial damage for companies that fall victim. Not only are important...more
Proposed Amendments to 23 NYCRR Part 500 - If you are the chief information security officer (“CISO”) of a fintech company operating in New York, you may already be aware that, on November 9, 2022, the New York State...more
Are you using VMware ESXi servers? Why should you worry? Unpatched VMware ESXi servers are actively being attacked against a two-year-old remote code execution vulnerability to deploy a new ESXiArgs ransomware. ...more
Information security will remain a top priority for all industries in 2023. Healthcare, government, and education will likely continue to be top targets for ransomware attacks, with for-profit businesses close behind. In...more
In the third and final episode of our three-part series on cybersecurity, we discuss ransomware and the legal issues surrounding paying a ransom. In this episode, we cover: how companies have become better prepared,...more
Multi-factor authentication (MFA) is more than an annoying popup or text message when logging onto a company’s website or platform. Not only is using MFA a sound security practice and good business, it is frequently becoming...more
While the early days of cyber insurance were often marked by rapid expansion and low losses, recent years have seen the industry weather a vast increase in not just the number of claims but also the severity. The growing...more
I am at the RSA Conference 2022 in San Francisco, my first time as a member of the private sector, since retiring from the FBI last year. I attended one of the keynotes on the first day of the conference, in between panels on...more
Glenn Hartfiel, Principal, and Geoff Yut, Consultant, at Opportune LLP discuss why recent geopolitical events are heightening the need for the implementation of improved cybersecurity measures in the energy industry, why...more
The Ankura Cyber Threat Investigations & Expert Services (CTIX) team conducted a technical analysis of historical and ongoing adversarial activity associated with the current Ukrainian/Russian conflict. In doing so, the CTIX...more
Fears of cybersecurity attacks are mounting in the wake of the Russian invasion of Ukraine. From the war itself, a number of malware variants have been created and are circulating on the internet....more
Selected Developments in U.S. Law - SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund...more