We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
Ransomware group Akira is believed to be behind a large number of attacks that appear to be tied to SonicWall firewalls with SSLVPN enabled. Over the past week, a large number of attacks by the ransomware group Akira have...more
In the spirit of National Cybersecurity Awareness Month, the Office of Civil Rights (“OCR”) released a new video on October 17, 2024, to promote awareness on ransomware trends in the healthcare industry and how HIPAA subject...more
On May 23, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a second edition of the #StopRansomware Guide (the Guide). The Guide, first published in September 2020, aims to help organizations reduce...more
France's Orientation and Programming Law of the Ministry of the Interior ("LOMPI law"), published in the Official Journal of January 25, 2023, amends the insurance coverage of losses and damages paid in response to...more
In light of the increase in fraud crimes in the digital space, a team from the Israeli Justice Ministry has formulated recommendations for defining a policy to contend with ransomware attacks. The recommendations relate to...more
The FBI and CISA recently issued a Cybersecurity Alert entitled “#StopRansomware: Zeppelin Ransomware” providing an alert to organizations about the proliferation of Zeppelin ransomware attacks and information on the...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
The federal banking agencies recently issued a final regulation that will require a bank to notify its primary federal regulator of a cyberattack, or computer-security incident, no later than 36 hours after the bank...more
On September 21, 2021, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an updated sanctions advisory, providing guidance to companies on sanctions compliance obligations related to ransomware...more
On November 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to require banking...more
Federal officials have recently warned employers and businesses that they could have insult added to injury if they respond to cyberattacks by making ransomware payments – increasingly requested through cryptocurrency – as...more
In the wake of increased ransomware attacks over the course of the last several months, the US Department of Treasury’s Office of Foreign Assets Control (OFAC) has updated a guidance it released last year on potential...more
The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June...more
The New York State Department of Financial Services recently announced new guidance addressing ransomware attacks, and highlighting cybersecurity measures to significantly reduce the risk of an attack. The guidance comes as...more
On June 30, 2021, the New York Department of Financial Services ("NYDFS") identified key cybersecurity measures to prevent and prepare for ransomware attacks. ...more
Ransomware victims face a nearly impossible decision: pay criminals holding their business hostage or refuse and face possible crippling consequences. This decision requires careful analysis of a number of considerations, and...more
We hope you have read about the reporting on potential ransomware attacks on US hospitals and perhaps other health care providers. If you have not, please review this guidance from the government agencies involved in this...more
On October 1, 2020, the US Department of the Treasury's Office of Foreign Assets Control ("OFAC") issued an advisory opinion on the sanctions risks associated with certain cyberattacks ("OFAC Guidance"). The OFAC Guidance...more
On October 1, 2020, the US Department of Treasury’s Office of Foreign Assets Control (OFAC) issued an Advisory highlighting sanctions risks associated with facilitating ransomware payments on behalf of victims targeted by...more
In This Issue. The Securities and Exchange Commission (SEC) adopted amendments to its exemptive applications procedures under the Investment Company Act of 1940, as amended (the 1940 Act) and proposed to amend Form 13F to...more
Recent months have seen a wave of ransomware attacks in the US healthcare industry, many involving a sophisticated strain of malware called Ryuk. To protect themselves, healthcare providers should review OCR’s recent guidance...more
In late January, the U.S. Department of Health and Human Services’ Healthcare & Public Health Sector Coordinating Council issued a new cybersecurity guidance document for healthcare businesses of all sizes. The guidance...more
Some forms of cyber extortion are automated and not targeted at any specific victim. For example, “ransomware” refers to a type of malware that prevents users from accessing their systems unless, and until, a ransom is paid. ...more
DNV GL recently issued a new globally applicable recommended practice (DNLVGL-RP-G108) to assist oil and gas operators, system integrators and managers, and vendors in the offshore industry to manage increasing cybersecurity...more
The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more