No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Welcome to our seventh 2024 issue of Decoded - our technology law insights e-newsletter. We have a few events we want to pass along to those interested in technology, but also other areas of law and business. ...more
In response to President Biden’s Executive Order authorizing increased data privacy measures, Assistant Attorney General (AAG) Matthew G. Olsen announced that the National Security Division of the Department of Justice (DOJ)...more
On July 26, the Securities and Exchange Commission adopted a new rule regarding cybersecurity risk management, strategy, governance, and incident disclosure. The “Cybersecurity Incident Disclosure Rule” will be applicable to...more
According to recent reports issued by Microsoft and U.S. government agencies, hackers recently exploited a gap in Microsoft’s cloud environment, enabling the malicious actors to access the email accounts of employees at the...more
Editor’s Note: In regulatory news, the Colorado AG published a second version of its proposed regulations. In U.S. litigation, Meta and TikTok both faced further litigation, and an Illinois court ruled that J&M Plating must...more
According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices. The exploit (CVE-2022-27518) affects Citrix...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
CYBERSECURITY - Cloaked Ursa Using Trusted Online Storage Services to Evade Detection - According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
The SEC’s recent enforcement actions, public statements and proposed rulemaking indicate that cybersecurity will be an area of heightened focus for the Gensler Commission. New proposed rules would require public companies...more
This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory. While it does not identify specific threats in the advisory, CISA states that the “Russian...more
Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across...more
In the last several weeks, the Executive and Legislative branches of the United States federal government have taken bipartisan measures to defend the country’s infrastructure from the critical national security threat posed...more
In the end, food companies must balance the process efficiencies and controls that data transmission and functionality over the internet provide with the risk of cyberattacks that cripple production. A sizeable chunk of...more
On May 12, President Biden issued a landmark Executive Order (“the Order”) aimed at improving the country’s cybersecurity threat defense. This Order is an attempt to create a “whole of government” response to increasingly...more
If you live on the East Coast and tried to get gasoline last week, you already know firsthand of the impacts that a cyber incident can wreck on the supply chain. As a result of the Colonial Pipeline cyber incident, a...more
On May 12, 2021, the Biden administration released a far-reaching executive order intended to improve the U.S. government’s cybersecurity posture, both internally and in any private information technology (IT) systems that...more
Key Takeaways: The Trump Administration has remained relatively silent about the 2020 data breach (believed to be connected to Russian state actors). It is unclear at this point whether the Trump Administration will take any...more
Insider threats continue to be pervasive and real. Last month’s indictment of a Russian national accused of conspiring to recruit a U.S. company’s employee to carry out a cyberattack is a sharp reminder of that. According to...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - Cybersecurity Standards Issued for Government Contractors - On January 31, the Office of the Under Secretary of Defense for Acquisition and...more
A cyberattack on a single gas compression facility resulted in the shutdown of a natural gas pipeline for two days, according to a recent alert from the US Department of Homeland Security’s Cybersecurity and Infrastructure...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Submits Comment on the Preliminary Draft for the NIST Privacy Framework - On October 24, 2019, the Federal Trade Commission ("FTC") announced that...more
In line with recent actions taken across the government to enhance the resilience of the nation’s cybersecurity apparatus, the Cybersecurity Infrastructure Security Agency (CISA) recently released a set of best practices for...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
A new ransomware, dubbed “Ryuk,” has surfaced in the last few weeks and is said to be targeting large organizations in the United States. The attackers behind Ryuk have reportedly made more than $640,000 in just two weeks,...more