Cost of Noncompliance: More Than Just Fines
No Password Required: President at Constellation Cyber, Former FBI Translator, and Finder of Non-Magical Mushrooms
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
Cyber Threats
No Password Required: A Developer Advocate with Auth0 and an "Accordion Guy" with Rockstar Aspirations
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
[Podcast] NSA Cybersecurity Services for Defense Contractors
Dark Web Monitoring - Unauthorized Access Podcast
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
Fighting the Constantly Evolving Threat of Cybercrimes
Part 2: Cybersecurity and the Role of Management
Part 1: Cybersecurity and the Role of Management
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Ransomware, Geopolitical Tensions, and the Race to Regulate
Cyber incidents have surged in recent years, with attacks more than doubling since 2020 and the number of victims totaling in the hundreds of millions in 2023 alone. These incidents can cost organizations millions or even...more
Welcome to our seventh 2024 issue of Decoded - our technology law insights e-newsletter. We have a few events we want to pass along to those interested in technology, but also other areas of law and business....more
Partner Eric Packel takes a deeper dive into BakerHostetler’s 2024 Data Security Incident Response Report. Packel looks back on the last ten years and examines the ways in which the data breach landscape has changed and what...more
Fragile or volatile supply chains, increases in regulatory obligations and enforcement, natural disasters, inflation, political turmoil – all complicated issues for any business to navigate. Among the myriad business...more
In response to the increasing number of cyberattacks and the acceleration of digital transformation across sectors, the European Union has revised and improved its Network and Information Security (NIS) Directive. The...more
Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....more
On May 7, 2024, the White House Office of the National Cyber Director (ONCD) released several reports on the United States’ cybersecurity posture and strategic plan. These documents implement the 2023 National Cybersecurity...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
A recent Report to Congress from the Office of Inspector General (OIG) of the Intelligence Community addresses barriers to information sharing that Congress sought to promote in landmark 2015 legislation. This report may have...more
From large-scale hacks to new rules governing cyber practices, the cyber landscape continues to become more complex. The risk for breaches is higher than ever before. The numbers support this declaration. According to the...more
On December 14, 2023, Erik Gerding, Director, Division of Corporation Finance at the Securities and Exchange Commission (“SEC”) gave a speech on the SEC’s final rules (the “Final Rule(s)”) regarding cybersecurity risk...more
Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical...more
In the last two decades, incident response has evolved significantly, adapting to the dynamic cyber threat landscape. As the internet became an integral part of daily life, cyber threats escalated in scope and scale. This...more
On October 3, the Department of Defense, General Services Administration, and the National Aeronautics and Space Administration published two sets of proposed revisions to the Federal Acquisition Regulation (“FAR”) pertaining...more
Earlier this month the Federal Acquisition Regulation (“FAR”) Council released two draft rules which would impose new cybersecurity requirements for federal contractors. The proposed rules, Cyber Threat and Incident Reporting...more
The growing concern around cyberthreats for companies across the nation is reflected in the increasingly crowded legislative landscape that provides guidance to organizations, employers, employees, consumers, and investors....more
In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more
Information sharing has seemed like the “holy grail” of federal cyber policy: sought after but elusive, especially to those who think it will solve their problems. At a time of increased regulation and looming mandates for...more
Incident response (IR) has undergone a drastic transformation in the past two decades, adapting to the relentless evolution of the cyber threat landscape. In the early 2000s, as the internet became more deeply ingrained in...more
Learning Objectives: - Overview of current US privacy/cybersecurity laws and regulation - Current cyber threats: overview of recent trends in cyberattacks and risk areas for healthcare providers - Incident Response: how...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) issued a final rule that requires registrants to provide enhanced and standardized disclosures regarding “cybersecurity risk management, strategy, governance...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
In an age where digital connectivity is rapidly advancing, cybersecurity has become an inescapable concern for organizations across industries. With cyber threats ranging from data breaches to ransomware attacks, it is...more
We’re back with a deeper dive into the 2023 Data Security and Incident Response Report, which features insights and metrics from 1,160+ incidents in 2022. This episode dives deeper into the data, including ransomware and...more