We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
Welcome to our fourth issue of 2025 of Decoded - our technology law insights e-newsletter. We hope you enjoy this issue and thank you for reading. Sector by Sector: How Data Breaches are Wrecking Bottom Lines - “Data...more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
“Protect your data! Breaches are on the rise!” These warnings seem to be everywhere – and rightfully so. Threat actors are sophisticated and new breach trends are constantly materializing. Awareness is no longer enough. It...more
Selected U.S. Privacy and Cyber Updates - NYDFS Releases Circular Letter on Use of AI in Insurance Underwriting and Pricing - On January 17, 2024, the New York State Department of Financial Services (NYDFS) issued a proposed...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) announced the adoption of amendments to its Cybersecurity Regulation 23 NYCRR Part 500 (“Amended Cybersecurity Rules” or “Amended Rules”). NYDFS...more
Last month, as the New York State Department of Financial Services (“DFS”) began phasing in amended cybersecurity regulations and continued enforcement actions against noncompliant entities, a wave of ransomware attacks...more
Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more
Cyber Resilience Programs Falling Short on Preparing Workers for a Crisis- “At two-thirds of organizations, there is a fear that almost all employees, 95%, will not understand how to recover following a cyberattack.” ...more
This edition of the Update covers: - Recent legal and regulatory developments, including the commencement of cyber security incident notification obligations for critical financial market infrastructure assets, AUSTRAC's...more
On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
The Financial Crimes Enforcement Network (“FinCEN”) of the U.S. Department of the Treasury (“Treasury”) has made clear that businesses engaging in certain activities involving virtual currencies are subject to registration,...more
We invite you to attend McDermottTech 2021, a virtual conference exploring the latest global trends impacting the technology industry. Please join us for this complimentary program on September 21, 2021, for the opportunity...more
The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June...more
Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients...more
Recent industry feedback published by the UK Financial Conduct Authority shares insights on the identification and management of cybersecurity challenges and mitigation strategies for financial services firms. The feedback...more
The New York Department of Financial Services (NYDFS) issued new guidance this week intended to assist organizations in thwarting ransomware attacks. The guidance clarifies the NYDFS’ expectation that NYDFS-regulated...more
- In the age of broad corporate teleworking brought on by COVID-19, OCIE of the SEC has observed during recent examinations that investment advisers, broker-dealers and investment companies are subject to an increased threat...more
In This Issue. The Securities and Exchange Commission (SEC) adopted amendments to its exemptive applications procedures under the Investment Company Act of 1940, as amended (the 1940 Act) and proposed to amend Form 13F to...more
McDermott Will & Emery, in partnership with Alvarez & Marsal is hosting a tailored webinar, discussing the cyber security threats and mitigations facing private equity firms in response to the COVID-19 pandemic. One of the...more
Cyber attacks continue to be a pervasive and destructive threat to all institutions and the legal and regulatory landscape currently in place to address those threats continues be reshaped in an effort to address those...more
On August 7, 2017, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) released a summary of its observations (the report) from cybersecurity examinations of 75...more