No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The messages from government agencies and cybersecurity leaders at the end of June were clear – nation-state-sponsored cybersecurity threats are on the rise. Pro-Iranian “hacktivists” are targeting U.S. infrastructure and...more
The New York State Department of Health has issued an urgent cybersecurity advisory (the Advisory) warning of increased threat levels and a higher likelihood of cybersecurity attacks from Iranian state-backed actors following...more
On June 30, 2025, a Joint Advisory was issued by the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation and the Department of Defense Cyber Crime Center issued...more
On June 30, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Department of Defense Cyber Crime Center (DC3) published a...more
The mining sector is increasingly at risk from cyber attacks, and many companies are racing to defend themselves against the backdrop of a rapidly changing threat landscape. Ross Phillipson and Anna Rudawski explore what is...more
On 14 January 2025, the UK Home Office published a consultation paper focusing on legislative proposals to reduce payments to cyber criminals and increasing incident reporting. ...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Just over a year ago, the White House issued its long-awaited National Cybersecurity Strategy, with an emphasis on defending Critical Infrastructure, promoting public and private collaboration, and safeguarding...more
On May 23, 2023, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware...more
The White House released the long-anticipated National Cybersecurity Strategy on March 2, 2023 setting out five (5) pillars articulating key themes and Administration priorities. Coming more than two years into the Biden...more
Last year Colonial Pipeline halted one of the United States’ largest pipeline systems due to a ransomware attack. Within days a state of emergency was declared in 17 states. A few days later the pipeline resumed service, and...more
A proposed $1M civil penalty against Colonial Pipeline for its procedural failures during a ransomware attack could indicate what’s in store for critical infrastructure operators who fail to keep employees up to date on how...more
Privacy In Focus®- In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
Cybersecurity threats to critical infrastructure systems are nothing new. But events over the last few years have been notable due to the seemingly increased frequency of successful attacks and the way those attacks have been...more
In the last several weeks, the Executive and Legislative branches of the United States federal government have taken bipartisan measures to defend the country’s infrastructure from the critical national security threat posed...more
The Department of Homeland Security (DHS) recently announced a new Security Directive requiring companies in the pipeline sector “to better identify, protect against, and respond to” cyber threats. Among other things, the...more
You just can’t make this stuff up – the Justice Department, displaying its growing sophistication of the cyber world, announced it recovered most of the ransom paid to criminal hackers of Colonial Pipeline Co. (Colonial)....more
In an unusual and exciting twist to the Colonial Pipeline ransomware attack, the Department of Justice (DOJ) announced this week that it was able to retrieve $2.3 million of the $4.4 million paid by Colonial Pipeline to...more
Following the creation of the DOJ’s Ransomware and Digital Extortion Task Force in April 2021 and on the heels of the Biden administration’s characterization of ransomware as a national security threat, on June 7, 2021, the...more
Since the Colonial Pipeline and JBS meat manufacturing security incidents, attention is finally being paid to the cybersecurity vulnerabilities of critical infrastructure in the U.S. and in particular, the potential effect on...more
On May 10, 2021, the hacking group DarkSide succeeded in shutting down the Colonial Pipeline with a ransomware attack that highlighted the vulnerability of the U.S. energy sector to cyberattacks. The attack led to a panic...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more
As we come out of the COVID-19 pandemic, it appears that another type of infection is threatening business and ransomware continues to spread. ...more
In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive (the “TSA Directive”) to...more
On May 27, 2021, against the backdrop of the Colonial Pipeline cybersecurity incident, the Department of Homeland Security’s Transportation Security Administration (“TSA”) announced Security Directive Pipeline-2021-01...more