No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
The SEC recently issued an order and settlement against a company from a pair of cyberattacks in which millions of dollars of client funds were stolen. While the company was able to recover a portion of the funds and...more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) issued final amendments (the “Amendments”) to Regulation S-P (originally adopted in 2000), which governs the treatment of a customer’s nonpublic personal...more
CYBERSECURITY - SEC’s Hacked X Account Leads to Tumultuous Bitcoin Market - The Securities and Exchange Commission has confirmed that its X account “was compromised, and an unauthorized post was posted.” The SEC...more
CYBERSECURITY - Hackers Steal $4.4M Crypto Using Data Linked to LastPass Breach - According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25,...more
In Short - The Situation: Following a cyberattack on a law firm's systems, the Securities and Exchange Commission ("SEC") subpoenaed the firm for information, including the identity of clients whose information may have...more
“Material Cybersecurity Incident” Standard Will Have a Monumental Impact on Current Cyber Disclosure Requirements - On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted the Cybersecurity Risk...more
On March 9, 2022, the Securities and Exchange Commission (“SEC”) announced Proposed Rules on cybersecurity risk management, strategy, governance, and incident disclosure (“Proposed Rules”) to address concerns of increasing...more
Gary Gensler, Chair of the U.S. Securities and Exchange Commission (SEC), signaled a new era of cybersecurity law (and accompanying enforcement) in his keynote address “Cybersecurity and Securities Laws” on January 24, 2022,...more
We continue our year-end review of SEC enforcement activity and turn our attention to a topic grabbing seemingly daily headlines across multiple industries: cybersecurity. As the risks – and realities – of cyberattacks...more
This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (“SEC”). This focus is consistent with the SEC’s Division of...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
The Securities and Exchange Commission is gaining traction in the enforcement of cybersecurity and disclosure requirements. The SEC has a lot on its plate these days – ESG, cybersecurity, and the traditional mix of...more
The Securities and Exchange Commission (the “SEC”) requires companies to disclose the most significant factors that make investments in the company speculative or risky. Private Placement Memorandums (“PPMs”) are often used...more
Are You Ready for Canada’s New Privacy Breach Rules? Mandatory privacy breach notification, reporting, and record-keeping obligations under Canada’s federal data protection law, the Personal Information Protection and...more
In this month's edition of our Privacy & Cybersecurity Update, we examine expanded data breach notification laws in New Jersey and Washington state, as well as the SEC's risk alert regarding cloud-based storage solutions. We...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
This Update highlights key legal and policy developments in cybersecurity and privacy law that may impact important trends for 2019 and beyond. A central takeaway from 2018 is that regulators in the U.S. and abroad are...more
As we turn the page on 2018, let’s reflect on some of the key privacy and cybersecurity issues that will continue to occupy our hearts and minds in 2019....more
Features - International Updates (Excluding the EU) - India’s Draft Data Protection Bill: Another GDPR Around the Corner? India recently introduced the Personal Data Protection Bill 2018. ...more
The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more
This week the Securities and Exchange Commission (SEC) issued an investigative report that outlined cyber incidents that nine public companies had experienced, causing fraudulent losses totaling more than $100 million. The...more
Google has announced plans to shutter Google Plus, its “floundering answer to Facebook,” following the discovery of a security vulnerability that “exposed the private data of up to 500,000 users of the service.” Google...more
In a recent speech, SEC Commissioner Kara Stein commented on the importance of cybersecurity. The Commissioner noted that encouraging adoption of written policies and procedures, voluntary frameworks and non-binding guidance...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more