We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) announced the adoption of amendments to its Cybersecurity Regulation 23 NYCRR Part 500 (“Amended Cybersecurity Rules” or “Amended Rules”). NYDFS...more
On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification...more
On March 31, 2022, the Securities Industry and Financial Markets Association (“SIFMA”) released its after-action report on Quantum Dawn VI – a global financial-markets cybersecurity exercise....more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
Ransomware continues to present an increasing risk to all organizations. Ransomware attacks can involve the installation of malicious software designed to block access to computer systems and/or steal data, and a...more
The Financial Crimes Enforcement Network (“FinCEN”) of the U.S. Department of the Treasury (“Treasury”) has made clear that businesses engaging in certain activities involving virtual currencies are subject to registration,...more
The innovative use of virtual currencies is hotter than ever, but so is a dark side of these instruments: their exploitation in ransomware schemes. This year, since January 2021, ransomware attacks have increased...more
On November 23, 2021, the Office of the Comptroller of the Currency (OCC) released Interpretive Letter 1179 (the “Letter”), which is the culmination of a review of prior Interpretive Letters on cryptocurrency and related...more
In a few short weeks, the global loss attributable to cybercrime is expected to surpass $6 trillion.* Therefore, in an effort to protect financial institutions and consumers from further loss, agencies including the United...more
Office of Foreign Assets Control (OFAC) released detailed sanctions compliance guidance for the virtual currency industry (the Guidance). The Guidance provides an overview of OFAC sanctions requirements and lists several best...more
On September 21, 2021 the US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issue an updated memo on the potential sanctions risk associated with facilitating ransomware payments and to once again note...more
On September 21, 2021 OFAC issued its first sanctions designation against a virtual currency exchange by designating the virtual currency exchange, SUEX OTC, S.R.O. (SUEX) “for its part in facilitating financial transactions...more
Companies that make ransomware payments, whether they be the victim of a ransomware attack or entities that facilitate such payments, should review the updated advisory issued by U.S. Department of the Treasury's Office of...more
On September 21, 2021, The Department of Treasury’s Office of Foreign Assets Control (“OFAC”) issued an Updated Advisory “to highlight the sanctions risks associated with ransomware payments in connection with malicious...more
The United States Treasury Department’s Financial Crimes Enforcement Network (FinCEN) will hold a second FinCEN Exchange in August to discuss ways to combat increasingly sophisticated cyber and ransomware attacks. The FinCEN...more
Recent industry feedback published by the UK Financial Conduct Authority shares insights on the identification and management of cybersecurity challenges and mitigation strategies for financial services firms. The feedback...more
PA Health Dept Sued; Investigation Looms, After Contact Tracing Breach "The PA health dept. is being sued, after employees of its vendor Insight Global set up an unsecured channel to share COVID-19 contact tracing data,...more
On February 4, 2021, New York’s Department of Financial Services (DFS) issued Insurance Circular Letter No. 2, which builds on the robust cybersecurity regulation provided in its 2017 Cybersecurity Regulation (23 NYCRR 500)....more
On successive days last week, the Department of Justice (DOJ) unveiled enforcement actions against international cybercriminal organizations that utilized ransomware to infect computer systems and then extort payment, often...more
The financial services industry faced unprecedented cybersecurity and privacy challenges in 2020. From learning how to operate with a remote workforce, dealing with a complex and evolving regulatory environment, facing an...more
Both the Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of Treasury have issued advisories recently regarding regulatory considerations financial...more
Providing yet more proof that anything positive can be twisted into something negative, the Financial Crimes Enforcement Network (“FinCEN”) released a Notice yesterday “to alert financial institutions about the potential for...more