When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more
The recent indictment of Maksim Silnikau, a Belarusian and Ukrainian national, is a clear reminder that cybercriminals are becoming more sophisticated and bold....more
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
10th Anniversary Look Back - While 2014 may not really seem that long ago, consider this: In 2014, Tom Brady was still the quarterback of the New England Patriots, with nine years to go until his retirement from the NFL....more
Editor's Note: In a significant study from MIT's CSAIL, researchers have unveiled vulnerabilities in smartphone ambient light sensors, highlighting them as potential channels for privacy breaches. This discovery underscores...more
Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
New Linux Remote Access Trojan "Krasue" Targets Thai Telecom Sector - A newly discovered Remote Access Trojan (RAT) for Linux has been seen targeting telecommunications firms in Thailand as reported by Group-IB. Named RAT...more
On May 24, 2023, Microsoft announced the detection of a direct threat to critical infrastructure organizations in Guam and elsewhere in the United States. The alert attributed observed malicious activity to a state-sponsored...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
There is a lot of chatter out there around the uses of artificial intelligence (AI) for cybersecurity. For example, Applied Sciences published a paper on how AI can be used for mobile malware detection, and Gartner has...more
The rise of ransomware attacks has prompted the international community to explore a range of approaches to deter these attacks, including the use of sanctions, the further development and instantiation of norms governing...more
Third-party vendors pose a significant risk - The greatest data privacy threat to companies is commonly thought to be that company’s employees. While employees can be a threat, the majority of data breaches and ...more
When it comes to providing Managed Detection and Response (MDR) solutions for businesses, the idea of one size fits all is being replaced by the concept of right-sizing. A one-size-fits-all option is a preconfigured security...more
Before we jump into February developments — trigger warning if you are a Russian hacker — for those keeping track of breach notification requirements, the National Credit Union Administration (NCUA) Board approved a final...more
Malware is an umbrella term for all malicious software. What is malware? Malware is an umbrella term that includes all types of malicious software, including viruses, worms, Trojans, ransomware, and spyware. These...more
Le commissaire à l’information et à la protection de la vie privée de l’Ontario (le « CIPVP »), soit l’organisme de réglementation de la protection de la vie privée dans le secteur public et le domaine de la santé de...more
The Information and Privacy Commissioner of Ontario (IPC), Ontario’s public sector and health privacy regulator, recently released a technology factsheet titled, “How to Protect Against Ransomware.” This factsheet is intended...more
On Monday the Federal Trade Commission issued a press release stating it is settling a case against Drizly and its CEO for a data breach that exposed the information of 2.5 million consumers in July 2020. The proposed...more
Ransomware has been one of the top cyber threats in the past several years. Thanks to the WannaCry attack of 2017 and others, most people have heard of this type of cyber threat, but many do not know how it works, how to...more
CYBERSECURITY - Cloaked Ursa Using Trusted Online Storage Services to Evade Detection - According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20, Nobelium, or Cozy Bear), “demonstrate[s] sophistication and the ability to rapidly integrate...more
According to several recent media reports, malicious cyber actors have begun to utilize four new types of cyberattacks as part of their current destructive repertoire. The website www.databreachtoday.com noted that these new...more
Establishing and maintaining effective systems to protect sensitive personal data and confidential business information from outside interference while also assuring that privacy interests are protected is among an...more
In its April 27 Weekly Update, the Financial Industry Regulatory Authority’s (“FINRA”) National Cause and Financial Crimes Detection program urged FINRA member firms to review a cyber-threat alert arising from Russia’s...more