When a business experiences a data security incident, there is invariably one principal question that the affected business wants answered: Who do we tell?
Originally published in Law360 on December 2, 2022....more
A thesis statement for this month's Cyber Capsule might be "You're Doing It Wrong." Whether it's easily guessable passwords, manipulated URLs, or waiting longer than prudent to report a data breach, most of our items look at...more
Please find our eighth edition of the Cyber Capsule. In this edition, we discuss a brazen botnet, steps to shield the online availability of federal judges' personal information, the price of cybersecurity, and a warning...more
In this episode of Unauthorized Access, Kamran and Sadia are joined by Redpoint Cybersecurity VP of Client Engagement Violet Sullivan. The three cyber experts discuss board level buy-in and how to make sure the board is...more
It is 2022, which means you’ve received your fair share of consumer breach notification letters.
Originally published in Law360 on September 30, 2022....more
Please join Consumer Financial Services Partner Chris Willis and his colleagues Privacy + Cyber Associate Sadia Mirza and Privacy + Cyber Partner Kamran Salour as they discuss phishing. Kamran and Sadia break down what...more
Please find our seventh edition of the Cyber Capsule. As the year end approaches, there was a notable absence of prospective cyber-related regulation. Instead, this edition highlights the rising cost of ransomware, yet...more
According to the Verizon Wireless 2022 Data Breach Investigations Report, there are four prominent paths that threat actors use to gain unauthorized access into an organization’s network...
Originally published in Law360 on...more
In this episode of Unauthorized Access, Kamran and Sadia welcome their firm colleague, Privacy + Cyber Partner and Team Leader Ron Raether, in a discussion on consumer breach notices — specifically from Ron's perspective as a...more
Welcome to the sixth edition of the Cyber Capsule. This edition focuses on protecting judges’ personal information; an uptick in phishing; a regulatory decision and a judicial opinion, each of which may impact how companies...more
For nearly 20 years, October has served as Cybersecurity Awareness Month. To highlight the importance of being cyber ready, we will release weekly tricks and treats as part of this four-part series to make your business more...more
The holiday season is around the corner. For most of us, it is a time of joy, cheer, excitement, and hopefully some relaxation. For cyber criminals, however, this is the busy season (same goes for Santa and his elves).
...more
Can cyber investigations be canned? Find out what Sadia, Kamran, and this month’s guest, Shawn Tuma of Spencer Fane, have to say. The gloves come off as these three breach coaches duke it out for the final word on this topic....more
Please find our fourth edition of the Cyber Capsule. As in months past, we continue to see an emphasis on two trends — an emphasis on cybersecurity funding and an emphasis on information sharing. Information sharing, however,...more
In this episode of Unauthorized Access, Kamran and Sadia welcome Tony Kirtley of Secureworks. Tony discusses the emotional response to a ransomware attack, particularly how the emotional response mirrors the Kübler-Ross five...more
Welcome to the second edition of Troutman Pepper’s Cyber Capsule, which recaps last month’s noteworthy developments, including updates to reporting rules and cybercrime sharing, and other tidbits of information relating to...more
Hello and welcome to the inaugural edition of Troutman Pepper’s Cyber Capsule. The Cyber Capsule gathers noteworthy news from the prior month and groups them here. You might be asking yourself why am I receiving this? Well,...more
Editor’s Note: This past month featured increased activity in privacy and data protection. U.S. Legislation and Regulation. Connecticut’s governor signed a comprehensive privacy bill, and President Biden has before him a bill...more
The California Privacy Rights Action (CPRA) will significantly impact how entities process personal information requiring covered businesses to review and update their existing vendor agreements. The CPRA also includes...more
In July 2021, the Uniform Law Commission (ULC) approved the final version of the Uniform Personal Data Protection Act (UPDPA). The ULC took a novel approach when drafting this model act, which it claims has “elements that...more
On April 5, the Securities and Exchange Commission (SEC) announced that two employees improperly accessed adjudicatory materials for cases being litigated in the agency’s in-house court system. The access occurred in 2017,...more
Editor’s Note: It may be the shortest month of the year, but February 2022 saw a flurry of privacy — especially biometric — legislation move closer to enactment. Kentucky, California, Maryland, and New York state introduced...more
On February 3, a New York magistrate judge recommended dismissing a class action against medical management company, Professional Business System d/b/a Practicefirst Medical Management Solutions in Tassmer v. Professional...more
Editor’s Note: Organizations continue calling for a comprehensive federal privacy law, and U.S. states continue trying to fill the void by proposing their own such laws. The latest states to do so include Mississippi and...more