No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
Overview of Cybersecurity in Government Contracts
Cybersecurity: What Healthcare Providers Need to Know
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
No Password Required: The Sailing CTO of Sylint Group Who Routinely Defends Against Nation-State Attacks on Critical Infrastructure
Webinar Recording - Crypto Breaches: Legal & Regulatory Update
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Defense In-Depth: Cybersecurity For Energy
Greetings and Felicitations - Aly McDevitt on Ransomware Case Study, Part 2
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
How to Protect your Organization From a Cybersecurity Attack
Phishing: Cybersecurity’s Biggest Threat
No Password Required: An Infowar Expert Paved the Path From Rock-And-Roll to Cybersecurity
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Fighting Cyber Crime: The $1 Trillion Invisible Threat
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Business account takeover (“ATO”) fraud occurs where a threat actor gains access to a business account on a payments platform (e.g., a payroll or accounts payable tool) or fraudulently creates such an account and engages in...more
In an effort to “promote privacy and cybersecurity by upholding the legal right of individuals, network owners, operators, and other persons to ensure the confidentiality, integrity, and availability of information stored in...more
On May 19, 2022, the Department of Justice (DOJ) announced that it had revised its policy regarding prosecution under the federal anti-hacking statute, the Computer Fraud and Abuse Act (CFAA). Since the DOJ last made changes...more
In a significant development in anti-hacking criminal enforcement, the Department of Justice last week released new guidance for charging violations of the Computer Fraud and Abuse Act (“CFAA”), the nation’s premier computer...more
In a landmark decision, the U.S. Supreme Court has ruled that the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030 et seq., does not prohibit improper use of computer information to which an individual has authorized...more
As we noted in late January 2020, the spread of infectious disease raises particular concerns for healthcare workers who want to do their jobs and care for their patients, while also protect themselves and their families....more
Loose language in a criminal statute conferring a private cause of action – such as the Computer Fraud and Abuse Act (CFAA) – presents an interpretative dilemma for courts. The CFAA furthers the legitimate public interest in...more
Now entering its ninth month in the United States with no sign of slowing down, the COVID-19 pandemic has forced many employers to make permanent changes to business operations in order to survive. Among the most noticeable...more
Report on Patient Privacy 19, no. 12 (December 2019) - Health care data breaches will have cost the industry $4 billion by the end of 2019, and 2020 is likely to be worse, reports a new survey from Black Book Market...more
On August 25, 2017, the FTC released its fifth “Stick with Security” principal, which focused on how companies can protect their virtual “entrances and exits” and make life harder for hackers. The FTC believes that the...more
California’s Computer Data Access And Fraud Act, Cal. Pen. Code, § 502 (“CDAFA”) is a state law analog to the federal Computer Fraud and Abuse Act, 18 U.S.C. § 1030 et seq. (“CFAA”). Both are aimed at fighting unauthorized...more
A company can recover damages from its former employee in connection with his hacking into its payroll system to inflate his pay, accessing its proprietary files without authorization and hijacking its website, a federal...more
Failure to conduct a risk assessment before a hacking incident occurred resulted in a $400,000 settlement between the Office of Civil Rights (OCR) and a Federally Qualified Health Clinic (FQHC). The FQHC filed a breach...more
Data security officers typically look for security risks by monitoring reports from automated security systems, listening to employees’ reports of security issues, and/or auditing IT systems. There is a great deal of debate,...more
This week, the United States Supreme Court upheld a conviction under the Computer Fraud and Abuse Act despite the Court’s acknowledgement that the jury had been wrongfully instructed on the elements of the crime charged. ...more
Last Friday, Chris Correa, the former scouting director of the St. Louis Cardinals, pleaded guilty in federal court in Texas for unlawfully accessing the Houston Astros’ database, which included scouting and draft...more
On January 8, 2016, Christopher Correa, the former director of Baseball Development for the St. Louis Cardinals, pleaded guilty to each count of a five-count criminal information, charging him with felony violations of...more
Economic espionage and computer hacking can touch all industries and business types. Computer hacking is a federal crime, and federal prosecutors are aggressively targeting cases involving the unauthorized access of a...more
The Energy & Commerce Committee of the U.S. House of Representatives held a hearing on October 21st titled “Examining Ways to Improve Vehicle and Roadway Safety” to consider (among other matters) Vehicle Data Privacy...more
On October 7, 2015, former Tribune Company employee Matthew Keys was convicted of three felonies stemming in part from assistance he provided to the hacking collective Anonymous to alter content on the LA Times’ website. ...more
Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms - On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more