No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
Overview of Cybersecurity in Government Contracts
Cybersecurity: What Healthcare Providers Need to Know
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
No Password Required: The Sailing CTO of Sylint Group Who Routinely Defends Against Nation-State Attacks on Critical Infrastructure
Webinar Recording - Crypto Breaches: Legal & Regulatory Update
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Defense In-Depth: Cybersecurity For Energy
Greetings and Felicitations - Aly McDevitt on Ransomware Case Study, Part 2
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
How to Protect your Organization From a Cybersecurity Attack
Phishing: Cybersecurity’s Biggest Threat
No Password Required: An Infowar Expert Paved the Path From Rock-And-Roll to Cybersecurity
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Fighting Cyber Crime: The $1 Trillion Invisible Threat
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
The U.S. District Court for the Southern District of New York on July 18, 2024, dismissed most of the SEC's landmark cyber enforcement litigation against SolarWinds Corp. (SolarWinds or the Company) and the Company's Chief...more
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
In January, Jake Lee and I wrote an article about the merits of using 17 U.S.C. § 1201 to sue video game hack developers. Importantly, § 1201 can be asserted separately from traditional copyright infringement under 17 U.S.C....more
One of the main risks that a company faces after a data breach is a potential lawsuit. Plaintiffs often will allege creative statutory and common law theories of harm after they learn that their personal information has been...more
Each month, we publish a roundup of the most important SEC enforcement developments for busy in-house lawyers and compliance professionals. This month, we examine: • The SEC’s announcement of its Fiscal Year 2023 enforcement...more
The Department of Homeland Security (DHS) recently released a final rule (Final Rule), effective July 21, 2023, updating the Homeland Security Acquisition Regulation (HSAR) to include cybersecurity provisions aimed at...more
In the recent case Construction Industry Laborers Pension Fund on behalf of SolarWinds Corporation, et. al v. Mike Bingle, et al. (2022), the Delaware Chancery Court considered whether the directors of SolarWinds Corporation,...more
On November 25, 2022, in Owsianik v. Equifax Canada Co., 2022 ONCA 813 (Owsianik), the Ontario Court of Appeal (Court) held that intrusion upon seclusion is not a viable cause of action against a defendant who has been the...more
On October 28, 2022, Vice Chancellor Morgan T. Zurn of the Delaware Court of Chancery ruled that the declaratory action brought by Buzzfeed Inc. against 91 current and former employees is not bound by arbitration provisions...more
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
Hackers have increasingly focused on third-party vendors as avenues to data held by associated businesses. On August 25, 2022, DoorDash announced that it had experienced a data breach which impacted the personal...more
The United States District Court for the District of Minnesota, applying Minnesota law, has held that an insured’s loss resulting from the insured’s payment of fraudulent invoices received from a bad actor who hacked into the...more
The U.S. District Court for the Eastern District of Pennsylvania ruled that an insurance policy issued by Federal Insurance Co. excluded coverage for the transmission of $1.3 million by the insured in response to an email...more
The Court held that software developers do not owe a duty of care to bitcoin owners who lost their private keys. In Tulip Trading Ltd (TTL) v. Bitcoin Association for BSV and others, TTL claimed that personal computers of...more
Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a...more
On May 19, 2022, the Department of Justice (DOJ) announced that it had revised its policy regarding prosecution under the federal anti-hacking statute, the Computer Fraud and Abuse Act (CFAA). Since the DOJ last made changes...more
In a significant development in anti-hacking criminal enforcement, the Department of Justice last week released new guidance for charging violations of the Computer Fraud and Abuse Act (“CFAA”), the nation’s premier computer...more
A complaint filed in federal court will test the boundaries of protection from liability for individuals behind decentralized autonomous organizations. On May 2, 2022, a putative class action was filed in the US District...more
As the world emerged from lockdown, it should come as no surprise that cybersecurity and data privacy remained dominant topics in the media and legal industry. Some of 2021 was much like 2020 – ransomware attacks continued to...more
On December 20, 2021, the SEC and DOJ each announced fraud charges against five Russian nationals. The five defendants are charged with a multiyear scheme of hacking into service providers that help public companies make...more
Ransomware attacks are on the rise. Cyber criminals continue to exploit lax security measures, which have become more acute in the work-from-home environment, and hack into companies’ systems, encrypt their data, and then...more
On October 5, the Delaware Court of Chancery issued a decision in Firemen’s Retirement System of St. Louis v. Sorenson, et al., C.A. No. 2019-0965-LWW, dismissing breach of fiduciary duty claims brought against various...more
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) released its Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments (the “Updated Advisory”)....more
Many employers are facing growing problems with identity theft in a new way: data is being used to file false claims including requests for job service benefits and SBA loans through the PPP, among others. To address this...more
In G&G Oil Company of Indiana Inc. v. Continental Western Insurance Co., the Indiana Supreme Court considered the emerging area of computer crime coverage. ...more