Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - Cybersecurity Today and Tomorrow with Patrick Hynds
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning...more
On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging...more
Dragos issued its Industrial Ransomware Analysis for Q2 on August 14, 2024. The analysis shows that ransomware attacks significantly increased in Q2, with many ransomware groups disrupted by law enforcement rebranding...more
Hong Kong is following other jurisdictions, including Mainland China, Singapore and the UK, in proposing to enhance cybersecurity obligations on IT systems of those operating critical infrastructure (“CI“). While the proposed...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
INTRODUCTION - The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
As discussed in our previous blog post, the Cybersecurity and Infrastructure Security Agency (CISA) is proposing a significant new rule to bolster the nation’s cyber defenses through mandatory incident reporting. While...more
As businesses grapple with the evolving, regulatory landscape for data privacy, the Texas Data Privacy & Security Act (TDPSA) emerges as a pivotal law. This comprehensive legislation, effective July 1, 2024, established...more
The increasing threat of cyberattacks against U.S. water supplies has raised significant concerns among federal officials, who emphatically stress the need for utilities to bolster their cybersecurity measures. A recent...more
U.S. State Department announces international diplomacy strategy to promote digital solidarity. Recognizing emerging technologies and cyber threats as an inflection point for U.S. competition with geopolitical rivals, the...more
Welcome to our fifth issue of 2024 for our construction industry insights e-newsletter - The Site Report. In our Ask the Attorney segment at the bottom of this e-newsletter, we tap Jonathan Deasy, Senior Attorney in our...more
The Cybersecurity and Infrastructure Security Agency (CISA), a division of the Department of Homeland Security, has proposed a rule that would govern whether, when, and how companies in critical infrastructure sectors report...more
MIT Report Details New Cybersecurity Risks - “Cloud misconfigurations, more sophisticated ransomware, and vendor exploitation attacks are contributing to rising cyberattacks.” Why this is important: Worldwide spending...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
Companies should review their resiliency, vendors, suppliers, and plans for partnering with the FBI in case of a cyber event, says FBI. The People’s Republic of China (PRC) is positioning itself to “physically wreak havoc on...more
On April 30, 2024, the White House announced that President Biden signed a new critical infrastructure memorandum, titled National Security Memorandum on Critical Infrastructure Security and Resilience ("NSM-22"). This new...more
Modern warfare is no longer restricted to physical battlefields and professional military. Countries like North Korea and Russia have few qualms about using cyberspace to reach well beyond their physical borders to target...more
Last week I had the privilege of attending the Construction Financial Management Association Dallas/Ft Worth Chapter’s monthly membership education luncheon as a prospective member. The educational topic was Cybersecurity and...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
On April 4, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published for public comment a long-awaited proposed rule to implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022...more
Transportation services providers are increasingly facing new technology-oriented threats in day-to-day business. Recent cyberattacks and the potential for serious disruption from threat actors have drawn the attention of the...more
CISA's proposed rules will require organizations operating in U.S. critical infrastructure sectors to report cyber incidents within 72 hours and ransom payments within 24 hours. ...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
On March 15, 2022, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law. Generally, CIRCIA requires “covered entities,” defined as entities in certain critical infrastructure sectors, to...more
A sweeping array of businesses are another step closer to requirements to report cybersecurity incidents and ransomware payments to the federal government. On April 4, 2024, the U.S. Department of Homeland Security's (DHS)...more