Digital Planning Podcast - Interview With Leeza Garber
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Safeguards against Data Security Breaches (Part One)
Imagine a world in which powerful computers can instantaneously break a company’s standard encryption, threatening the most valuable financial data, intellectual property, personal information, and even national security...more
Did your computer suffer from a blue screen of death due to the global IT outage caused by an update from CrowdStrike, a popular cybersecurity provider to many enterprises around the country? Cybersecurity concerns top the...more
Many companies, particularly Software-as-a-Service (“SaaS”) and start-up companies, continue to struggle with the concept of export control classification of items with encryption functionality. This ongoing confusion is...more
If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more
Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more
This is a reminder that annual self-classification reports and semi-annual reports for hardware, software, or technology utilizing encryption ("Encryption Items") were due to be filed by February 1, 2024, with the Bureau of...more
With interest in Artificial intelligence (AI) soaring, we were curious to determine how well a very popular ‘generative AI’ tool, ChatGPT, could perform at identifying the leading causes of cybersecurity incidents experienced...more
Data security will undoubtedly remain an enforcement priority for the Federal Trade Commission in 2023. A presentation on the FTC’s approach to data security by Deputy Chief Technologist Alex Gaynor at a Commission open...more
"You're storing the passwords in plaintext?" My college professor looked at me puzzled. I had to immediately fix this. It was a huge security problem in my senior project, a web-based e-commerce platform. If any hacker tapped...more
The increased concern about ransomware incidents from both quantitative and severity standpoints, spurred the White House to urge corporate business leaders to improve their defenses and resilience posture against ransomware...more
1. BIS Eliminates Reporting Requirements for Certain Encryption Items Effective March 29, 2021, BIS eliminated or reduced reporting requirements for certain encryption items. For encryption source code and beta test...more
The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and federal government contractors in response to...more
On May 12, 2021, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity following a series of highly publicized cybersecurity incidents during the first four months of his presidency, including the...more
In a well-received “spring cleaning,” the U.S. Department of Commerce’s Bureau of Industry & Security (BIS) has decluttered the thicket of regulations governing the export of encryption software and hardware. Among the...more
On March 10, 2021, the American Bar Association released new guidance for attorneys working remotely. While there has never been a distinction in the Model Rules for Professional Conduct between working in a brick-and-mortar...more
Many workers and employers are adjusting to remote working as a result of the COVID-19 pandemic. That shift has created a unique opportunity for cyber-attackers and criminals – the European Union Agency for Cybersecurity has...more
The most pressing question around the new FIRRMA regulations is “Will my transaction be covered?” To provide a bit of guidance on that point, we present an illustration from our upcoming Second Edition of The CFIUS Book due...more
The new year brings with it the reporting deadlines for exports of encryption items under the US Export Administration Regulations. February 1, 2020, is the deadline for submitting annual self-classification reports for...more
• On December 26, 2019, DDTC published an interim final rule that would allow, under certain conditions, encrypted technical data and software that is subject to the ITAR to be sent, shipped or stored outside the United...more
As businesses continue to digitise their assets and operations, the need to continually assess IT infrastructure and the technical measures in place to safeguard key information assets and data becomes ever more important....more
Security researchers at Radboud University in the Netherlands have discovered a flaw in several manufacturers’ solid state hard drive firmware that can be exploited to read data from self-encrypting drives (SED)....more
The Bureau of Industry and Security (BIS) recently published changes to its encryption regulations in an effort to simplify the text and focus the scope of controls. The biggest change is that Note 4, the “primary purpose...more
For a number of years now, January 28 has been marked as “Data Privacy Day” (or, for our European friends, “Data Protection Day”), and it is often overlooked observed in the United States, Canada, India and many European...more
Maintaining a global supply chain brings its share of commercial, financial, and regulatory risks. Increasingly, telecommunications companies with global operations and suppliers are finding that U.S. trade control laws...more
On September 20, 2016, the Bureau of Industry and Security (BIS) of the U.S. Commerce Department amended the Export Administration Regulations (EAR) and the list of goods, software and technology that are controlled under the...more