Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
On July 7, 2025, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $225,000 settlement with Deer Oaks – The Behavioral Health Solution (“Deer Oaks”), a provider of...more
The recently enacted TAKE IT DOWN Act makes it a federal offense to share online nonconsensual and explicit images, regardless of whether the images are real or computer generated. The law is intended to protect victims from...more
The SafePay ransomware group has been active since fall 2024 and has increased its activity this spring and summer. According to NCC Group, SafePay hit the most victims of any threat actor in May 2025—it is linked to 248...more
A small but growing number of cyber insurers are incorporating language into their policies that specifically addresses risks from artificial intelligence (AI). The June 2025 issue of The Betterley Report’s Cyber/Privacy...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The tension among regulators between the push for increased transparency and the need to protect individual privacy is always apparent in asset searching exercises. This tension is a global phenomenon, central to the ongoing...more
A June 16 appellate decision involving the construction of a cyberinsurance policy demonstrates a concerning lack of judicial understanding about the nature and scope of cyber liability coverage and implicitly incentivizes...more
En 2023, une cyberattaque d’envergure a exposé les données génétiques personnelles de millions d’utilisateurs de 23andMe, une société américaine offrant des services d’analyse du code génétique aux particuliers, poussant les...more
Data privacy regulations aren’t known for being light reading. That doesn’t make it easy for businesses to become compliant. When one law refers to data subjects, another to residents, another to consumers, and another...more
The New Mexico Court of Appeals has held that cyber policy language affording coverage “for” a security breach was ambiguous and must be construed broadly to provide coverage for a breach of contract claim “because of,”...more
The European Commission recently launched a public consultation on the implementation of the AI Act, primarily focused on the classification (and ultimate regulation) of “high risk” AI systems. The AI Act employs a risk-based...more
In this episode of Moving the Metal: The Auto Finance Podcast, hosts Brooke Conkle and Chris Capurso are joined by colleagues Kim Phan and Aileen Ng for a deep dive into the Federal Trade Commission's (FTC) Safeguards Rule...more
On June 27, 2025, the District Court for the Middle District of Florida, on remand from the Eleventh Circuit, reversed course when it denied class certification to a group of plaintiffs who were purportedly impacted by a...more
On June 27, 2025, the Federal Bureau of Investigation (FBI) issued a warning on X to the airline and transportation sectors that the notorious cyber criminal ring Scattered Spider is attacking those sectors....more
The world of data and tech are advancing at lightning speed. Associated with this, governments and regulators are imposing more robust frameworks and legislative requirements to help safeguard organisations and the data they...more
Information leaks pose a growing and multifaceted risk to organizations across sectors. While often associated with cybersecurity breaches, the majority of such incidents stem from human error or intentional misconduct. On 25...more
On June 30, 2025, a Joint Advisory was issued by the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation and the Department of Defense Cyber Crime Center issued...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced another settlement for alleged violations of HIPAA. OCR investigated BayCare Health System, which serves central Florida, after a...more
A nation's reputation is crucial, and the UAE has implemented strong legislation to address these issues under the Federal Law No. (34) of 2021 (cybercrimes law). These laws specifically target online activities concerning...more
California may likely soon join the growing list of states to require data breach notifications to be required within a certain amount of time – in this case, 30 calendar days. In recent years, many states have moved to...more
On June 5, 2025, the UK’s Information Commissioner’s Office (ICO) fined 23andMe £2.31 million (~$3.1 million). The fine was for failing to implement adequate security measures to protect the personal data of over 155,000 UK...more
Welcome to our fifth issue of The Academic Advisor for 2025. In this edition, we cover the following topics of interest for schools, institutions of higher education, and other education-focused organizations...more
The FBI issued a warning on June 27, 2025, that criminals impersonating healthcare insurers and fraud investigators are sending text messages and emails to healthcare providers and patients to trick them into providing...more
Welcome to the seventh issue of Health Headlines, a newsletter created by lawyers in our Healthcare practice. Iowa Governor Kim Reynolds signed Senate File 383 into law, placing new restrictions on pharmacy benefit...more
Most organizations rely on complex supply chains, and that reliance has become a point of vulnerability for cyberattacks. This spring, we have witnessed a large-scale cyberattack on a major British multinational retailer due...more
