No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The messages from government agencies and cybersecurity leaders at the end of June were clear – nation-state-sponsored cybersecurity threats are on the rise. Pro-Iranian “hacktivists” are targeting U.S. infrastructure and...more
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more
Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
A sweeping array of businesses are another step closer to requirements to report cybersecurity incidents and ransomware payments to the federal government. On April 4, 2024, the U.S. Department of Homeland Security's (DHS)...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
The Department of Homeland Security’s Transportation Security Administration (“TSA”) has issued an amended directive on pipeline security, SD-Pipeline-2021-02D (the “Directive”). The Directive is based on and supersedes the...more
North Carolina Power Outage Points to Homeland Security Long-Documented Threats to US Power Grid - “Moore County blackouts serve as reminder that nation’s electricity infrastructure could be vulnerable targets for domestic...more
Under the new law, critical infrastructure owners and operators will be required to report significant cyber incidents to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...more
Included within the Consolidated Appropriations Act, 2022, signed by President Joe Biden on March 15, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (Act) creates new data breach reporting requirements....more
After years of debate, Congress has passed bipartisan legislation requiring owners and operators of critical infrastructure to report cyber incidents to the U.S. Department of Homeland Security (DHS) Cybersecurity and...more
Federal agencies have been actively looking at cyber threats to critical infrastructure. In a January 27 announcement the White House said: “it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the...more
Cybersecurity threats to critical infrastructure systems are nothing new. But events over the last few years have been notable due to the seemingly increased frequency of successful attacks and the way those attacks have been...more
Imagine a country paralyzed by the inability — even for just one day — to move people or goods by rail or by plane. This is not science fiction. This is the reality of the potential cybersecurity threats that could impact the...more
The Transportation Security Administration (TSA) on July 20, 2021, reversed two decades of pipeline cybersecurity policies. Having previously advocated for voluntary pipeline cybersecurity standards, the TSA quickly issued...more
Following a series of major ransomware attacks, including against Colonial Pipeline, which provides the East Coast with 45 percent of its gasoline, jet fuel and diesel, President Biden issued a National Security Memorandum...more
The increased concern about ransomware incidents from both quantitative and severity standpoints, spurred the White House to urge corporate business leaders to improve their defenses and resilience posture against ransomware...more
The Department of Homeland Security (DHS) recently announced a new Security Directive requiring companies in the pipeline sector “to better identify, protect against, and respond to” cyber threats. Among other things, the...more
Less than a month after the high-profile ransomware attack against Colonial Pipeline, the Department of Homeland Security's (DHS) Transportation Security Administration (TSA) has issued its first-ever set of mandatory...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more
In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive (the “TSA Directive”) to...more
On May 27, 2021, against the backdrop of the Colonial Pipeline cybersecurity incident, the Department of Homeland Security’s Transportation Security Administration (“TSA”) announced Security Directive Pipeline-2021-01...more
On May 27, the Department of Homeland Security’s Transportation Security Administration announced a Security Directive designed to “better identify, protect against, and respond to threats to critical companies in the...more