No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
Overview of Cybersecurity in Government Contracts
Cybersecurity: What Healthcare Providers Need to Know
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
No Password Required: The Sailing CTO of Sylint Group Who Routinely Defends Against Nation-State Attacks on Critical Infrastructure
Webinar Recording - Crypto Breaches: Legal & Regulatory Update
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Defense In-Depth: Cybersecurity For Energy
Greetings and Felicitations - Aly McDevitt on Ransomware Case Study, Part 2
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
How to Protect your Organization From a Cybersecurity Attack
Phishing: Cybersecurity’s Biggest Threat
No Password Required: An Infowar Expert Paved the Path From Rock-And-Roll to Cybersecurity
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Fighting Cyber Crime: The $1 Trillion Invisible Threat
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
The U.S. District Court for the Southern District of New York on July 18, 2024, dismissed most of the SEC's landmark cyber enforcement litigation against SolarWinds Corp. (SolarWinds or the Company) and the Company's Chief...more
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
The Department of Homeland Security (DHS) recently released a final rule (Final Rule), effective July 21, 2023, updating the Homeland Security Acquisition Regulation (HSAR) to include cybersecurity provisions aimed at...more
In the recent case Construction Industry Laborers Pension Fund on behalf of SolarWinds Corporation, et. al v. Mike Bingle, et al. (2022), the Delaware Chancery Court considered whether the directors of SolarWinds Corporation,...more
On November 25, 2022, in Owsianik v. Equifax Canada Co., 2022 ONCA 813 (Owsianik), the Ontario Court of Appeal (Court) held that intrusion upon seclusion is not a viable cause of action against a defendant who has been the...more
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
The United States District Court for the District of Minnesota, applying Minnesota law, has held that an insured’s loss resulting from the insured’s payment of fraudulent invoices received from a bad actor who hacked into the...more
The U.S. District Court for the Eastern District of Pennsylvania ruled that an insurance policy issued by Federal Insurance Co. excluded coverage for the transmission of $1.3 million by the insured in response to an email...more
Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a...more
On May 19, 2022, the Department of Justice (DOJ) announced that it had revised its policy regarding prosecution under the federal anti-hacking statute, the Computer Fraud and Abuse Act (CFAA). Since the DOJ last made changes...more
In a significant development in anti-hacking criminal enforcement, the Department of Justice last week released new guidance for charging violations of the Computer Fraud and Abuse Act (“CFAA”), the nation’s premier computer...more
As the world emerged from lockdown, it should come as no surprise that cybersecurity and data privacy remained dominant topics in the media and legal industry. Some of 2021 was much like 2020 – ransomware attacks continued to...more
Ransomware attacks are on the rise. Cyber criminals continue to exploit lax security measures, which have become more acute in the work-from-home environment, and hack into companies’ systems, encrypt their data, and then...more
On October 5, the Delaware Court of Chancery issued a decision in Firemen’s Retirement System of St. Louis v. Sorenson, et al., C.A. No. 2019-0965-LWW, dismissing breach of fiduciary duty claims brought against various...more
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) released its Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments (the “Updated Advisory”)....more
Many employers are facing growing problems with identity theft in a new way: data is being used to file false claims including requests for job service benefits and SBA loans through the PPP, among others. To address this...more
In G&G Oil Company of Indiana Inc. v. Continental Western Insurance Co., the Indiana Supreme Court considered the emerging area of computer crime coverage. ...more
The California State Controller’s Office (SCO) was recently a victim of phishing. According to its website, an employee of the SCO’s Unclaimed Property Division clicked on a link in an email, entered their user ID and...more
The 11th Circuit recently weighed in on the hottest issue is data breach litigation, whether a demonstration of actual harm is required to have standing to sue. Joining several other circuit courts, the 11th Circuit in Tsao...more
There are cybersecurity lessons to be learned from high profile data breaches and the ensuing regulatory responses. The recent well-publicized Twitter hack is no different. According to the New York State Department of...more
On September 23, 2020, the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) announced that CHSPSC LLC, (CHSPSC) agreed to pay $2,300,000 and adopt a Corrective Action Plan (CAP) to...more
On Tuesday, September 15, New York Attorney General Letitia James announced a settlement with Dunkin’ Brands Inc. regarding a lawsuit in New York state court titled The People of The State of New York et al. v. Dunkin’ Brands...more
On August 20, 2020, former Uber Chief Security Officer Joe Sullivan was charged with obstruction of justice and misprision of a felony for knowingly concealing a hack of Uber in 2016. Based on Sullivan’s complaint,...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
Takeaway: Data breach cases often turn on whether the threat of future identity theft suffices to establish Article III standing. In yet another data breach case, In re Brinker Data Incident Litig., 3:18-CV-686-J-32MCR,...more