Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - Cybersecurity Today and Tomorrow with Patrick Hynds
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
As businesses grapple with the evolving, regulatory landscape for data privacy, the Texas Data Privacy & Security Act (TDPSA) emerges as a pivotal law. This comprehensive legislation, effective July 1, 2024, established...more
Tennessee Governor Bill Lee signed legislation on May 22, 2024, that will shield private entities from class action lawsuits stemming from a cybersecurity event unless the event was caused by willful, wanton, or gross...more
The federal Cybersecurity and Infrastructure Security Agency (CISA) released a draft of its proposed rule detailing how covered entities operating in critical infrastructure sectors report cyberattacks and ransomware payments...more
Efforts to Address the Lack of Federal Data Privacy Legislation in the U.S. Have Continued - The need for federal data privacy legislation was reiterated in the House Energy and Commerce Committee’s Subcommittee on...more
Understanding the New Pregnant Workers Fairness Act and Full Scope of Pregnancy-Related Discrimination Laws for Schools - On June 27, 2023, the Pregnant Workers Fairness Act went into effect. This new law requires covered...more
Iowa becomes the fourth U.S. state to provide an affirmative defense for companies that adopt a cybersecurity framework - Iowa is the fourth state—following Ohio, Connecticut, and Utah—to provide a statutory incentive for...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
In May 2021, Colonial Pipeline, a privately held oil pipeline responsible for nearly half of the oil supply for the U.S. East Coast, was crippled by a DarkSide ransomware attack. DarkSide is widely believed to be a...more
FBI Seizes Hive Ransomware Servers—Blocks US$130 Million in Demanded Ransoms - On January 26, Attorney General Merrick Garland announced that the Department of Justice dismantled the “Hive” ransomware group, which had...more
As we kick off 2023, we are optimistic that the healthcare private equity (PE) market will be resilient despite various headwinds. As you think ahead, please consider the issues and trends summarized below that may be helpful...more
Legislation enacted during the 2022 session of the General Assembly requires public bodies to report cybersecurity incidents to the Virginia Fusion Center within 24 hours from when an incident is discovered. This...more
New laws requiring public bodies in Virginia to report cybersecurity threats and incidents have gone into effect. These newly enacted laws (Acts of Assembly Chapters 626 and 627) require public bodies to report to the...more
The Cyber Incident Reporting for Critical Infrastructure Act (“CIRCIA” or “the Act”) is a new federal law, adopted in March 2022, which requires critical infrastructure entities to report certain cybersecurity incidents and...more
Takeaway: President Biden recently signed into law the “Federal Rotation Cyber Workforce Program Act” and the “State and Local Government Cybersecurity Act”. With these new laws, the Biden Administration is attempting to...more
Connecticut Passes the Fifth US State Consumer Privacy Law - The Connecticut governor has formally signed and passed An Act Concerning Personal Data Privacy and Online Monitoring (CPDA), making this law the fifth US state...more
Companies should take steps now to prepare for the new rules and expectations. The US government continues to expand regulatory requirements around notification and disclosure of major cyberattacks or incidents. ...more
As part of the budget appropriations law enacted on November 18, 2021, North Carolina became the first state in the nation to prohibit state agencies and local government entities from paying a ransom following a ransomware...more
In the wake of Russia’s invasion of Ukraine, and amid growing concerns regarding the threat of increased cyberattacks targeting infrastructure and other critical industries, there has been a flurry of federal activity to...more
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), passed as part of the omnibus spending bill on March 15, 2022, will require critical infrastructure companies - which could include financial...more
President Joe Biden signed the Strengthening American Cybersecurity Act into law on March 15. Among other requirements, companies that are “covered entities” must report data breaches promptly to federal regulators. For...more
Cybersecurity has emerged as a tangible risk for transportation service providers over the course of the last year. Ransomware attacks on domestic industry and critical infrastructure, and tensions associated with the Russian...more
The new law will require critical infrastructure entities to report certain covered cybersecurity incidents to government agencies within 72 hours; ransomware payments within 24 hours. On March 15, President Biden signed...more
Our clients in financial services, technology, and manufacturing industries, take note of this important new piece of legislation. On March 21, 2022, President Biden warned American businesses to prepare for imminent...more
The United States Congress recently passed legislation that includes new cybersecurity provisions requiring critical infrastructure providers to report cyber security incidents, including the payment of ransom, to the...more
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (the Act) as part of the Consolidated Appropriations Act of 2022. The Act requires "critical sector" entities to...more