No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more
France's Orientation and Programming Law of the Ministry of the Interior ("LOMPI law"), published in the Official Journal of January 25, 2023, amends the insurance coverage of losses and damages paid in response to...more
CYBERSECURITY NIST - Releases Guidance on Supply Chain Security - The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
Guidance Demonstrates OFAC’s Expectations for Sanctions Compliance by Cryptocurrency Industry - On October 15, 2021, the Office of Foreign Assets Control (“OFAC”) of the U.S. Department of the Treasury published Sanctions...more
Office of Foreign Assets Control (OFAC) released detailed sanctions compliance guidance for the virtual currency industry (the Guidance). The Guidance provides an overview of OFAC sanctions requirements and lists several best...more
In the wake of increased ransomware attacks over the course of the last several months, the US Department of Treasury’s Office of Foreign Assets Control (OFAC) has updated a guidance it released last year on potential...more
On 21 September 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an updated advisory that highlights the sanctions risks associated with making ransomware payments. OFAC reiterated...more
The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June...more
The U.S. Department of Health and Human Service’s Office for Civil Rights in Action (OCR) issued a warning that cybercriminals are attempting to exploit a critical vulnerability in VMware software. This alert originates from...more
Ransomware victims face a nearly impossible decision: pay criminals holding their business hostage or refuse and face possible crippling consequences. This decision requires careful analysis of a number of considerations, and...more
On October 1, 2020, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory regarding the potential sanctions risk for entities that facilitate ransomware payments. OFAC defined “ransomware” as: A form...more
The U.S. Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) made several regulatory announcements this summer relating to cybersecurity, artificial intelligence (AI), and digital...more
In This Issue. The Securities and Exchange Commission (SEC) adopted amendments to its exemptive applications procedures under the Investment Company Act of 1940, as amended (the 1940 Act) and proposed to amend Form 13F to...more
Recent months have seen a wave of ransomware attacks in the US healthcare industry, many involving a sophisticated strain of malware called Ryuk. To protect themselves, healthcare providers should review OCR’s recent guidance...more
In late January, the U.S. Department of Health and Human Services’ Healthcare & Public Health Sector Coordinating Council issued a new cybersecurity guidance document for healthcare businesses of all sizes. The guidance...more
Some forms of cyber extortion are automated and not targeted at any specific victim. For example, “ransomware” refers to a type of malware that prevents users from accessing their systems unless, and until, a ransom is paid. ...more
DNV GL recently issued a new globally applicable recommended practice (DNLVGL-RP-G108) to assist oil and gas operators, system integrators and managers, and vendors in the offshore industry to manage increasing cybersecurity...more
If your organization operates in the healthcare industry, particularly if it qualifies as a covered entity or business associate under the Health Insurance Portability and Accountability Act (HIPAA), you may have noticed the...more