No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The messages from government agencies and cybersecurity leaders at the end of June were clear – nation-state-sponsored cybersecurity threats are on the rise. Pro-Iranian “hacktivists” are targeting U.S. infrastructure and...more
A sweeping array of businesses are another step closer to requirements to report cybersecurity incidents and ransomware payments to the federal government. On April 4, 2024, the U.S. Department of Homeland Security's (DHS)...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
The Department of Homeland Security’s Transportation Security Administration (“TSA”) has issued an amended directive on pipeline security, SD-Pipeline-2021-02D (the “Directive”). The Directive is based on and supersedes the...more
The SAFETY Act, a liability management program managed by the Department of Homeland Security, can be used by businesses to limit or eliminate potential liability associated with ransomware attacks. To take advantage of...more
Critical Infrastructure Must Soon Report Cyber Incidents to CISA Immediately - In March, President Biden signed the “Cyber Incident Reporting for Critical Infrastructure Act” (CIRCIA) into law. CIRCIA applies to the...more
Welcome to our latest edition of the Cyber Capsule. September followed trends we have seen the last few months, with legislation directed at funding to support state and local governments in their quest to stop cyberattacks;...more
$1Bn is now available to state, local and tribal (SLT) entities to shore up their cybersecurity vulnerabilities under the State and Local Cybersecurity Grant Program (SLCGP) announced on Friday, September 16th by the U.S....more
Included within the Consolidated Appropriations Act, 2022, signed by President Joe Biden on March 15, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (Act) creates new data breach reporting requirements....more
After years of debate, Congress has passed bipartisan legislation requiring owners and operators of critical infrastructure to report cyber incidents to the U.S. Department of Homeland Security (DHS) Cybersecurity and...more
CYBERSECURITY - FBI and DHS Warn of Russian Cyberattacks Against Critical Infrastructure - U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that...more
Federal agencies have been actively looking at cyber threats to critical infrastructure. In a January 27 announcement the White House said: “it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the...more
Cybersecurity threats to critical infrastructure systems are nothing new. But events over the last few years have been notable due to the seemingly increased frequency of successful attacks and the way those attacks have been...more
Imagine a country paralyzed by the inability — even for just one day — to move people or goods by rail or by plane. This is not science fiction. This is the reality of the potential cybersecurity threats that could impact the...more
As we reported on September 9th, meaningful and robust federal cybersecurity legislation is nearly across the finish line. Since then, further developments indicate that reporting mandates are imminent. On September 21st, the...more
The Transportation Security Administration (TSA) on July 20, 2021, reversed two decades of pipeline cybersecurity policies. Having previously advocated for voluntary pipeline cybersecurity standards, the TSA quickly issued...more
Following a series of major ransomware attacks, including against Colonial Pipeline, which provides the East Coast with 45 percent of its gasoline, jet fuel and diesel, President Biden issued a National Security Memorandum...more
Last month, we discussed ways lawmakers aim to limit ransomware response options that businesses may consider during an incident. State legislatures, such as New York, North Carolina, Pennsylvania, and Texas, have introduced...more
The increased concern about ransomware incidents from both quantitative and severity standpoints, spurred the White House to urge corporate business leaders to improve their defenses and resilience posture against ransomware...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more
In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive (the “TSA Directive”) to...more
On May 27, 2021, against the backdrop of the Colonial Pipeline cybersecurity incident, the Department of Homeland Security’s Transportation Security Administration (“TSA”) announced Security Directive Pipeline-2021-01...more
On May 27, the Department of Homeland Security’s Transportation Security Administration announced a Security Directive designed to “better identify, protect against, and respond to threats to critical companies in the...more