Machine Learning for Environments with Bad Actors
Jenny Radcliffe on People Hacking
AFSA Extra Credit Podcast: Navigating Advertising During COVID-19
Compliance Perspectives: The Right Kind of Wrong
JOBS Act Implementation Regulations
As organizations continue to take steps to prevent cyberattacks, a near-universal recommendation is that they should implement multi-factor authentication (MFA), and for good reason. Organizations subject to the updated FTC...more
On January 29, 2024, the Bureau of Industry and Security (BIS) at the U.S. Department of Commerce issued a new proposed regulatory rule (the “Proposed Rule”), which will impose significant diligence, monitoring, and reporting...more
Connecticut AG William Tong sent an inquiry letter to 23andMe, Inc. asking the genetic testing and ancestry company for more information regarding an October 6th press release in which it disclosed that customer profile...more
The key to gaining buy-in for your cyber risk roadmap under tightening budgets and staffing challenges. This statement should come as no surprise: there’s been an alarming rise in the number and sophistication of cyber...more
Recent developments in Artificial Intelligence have opened the door to exciting possibilities for innovation. From helping doctors communicate better with their patients to drafting a travel itinerary as you explore new...more
With scams evolving and growing in volume and maturity, it is more important than ever before to be vigilant about what information is available to nefarious actors. This article provides common scam scenarios, tips for...more
In March 2023, the Office of the National Cyber Director released the public version of the National Cybersecurity Strategy, which provides strategic guidance for how the U.S. should protect internet users from cyberattacks...more
When you hear the word cyberattack you think of attacks on banks, large box stores, or medical facilities. You should add the construction industry to that list because it is the third most common target for cyberattacks....more
There’s no mistake, we’re in a recessionary cycle. We can stay out of the politics and debate related to predicting the exact cause, effect, size, and timeline of the recession. Debate or no debate, we’re already seeing...more
Executive Summary - The North Korean threat to the crypto ecosystem is the highest form of immediate risk to the crypto-economy driven by a regime that seeks to profit from its misuse to reinforce its regime and fuel all its...more
Takeaway: CISA and CGYBER recommend all organizations who did not immediately apply available patches to assume Log4Shell compromise and initiate threat hunting activities. In December 2021, the world was held hostage by...more
The United States District Court for the District of Minnesota, applying Minnesota law, has held that an insured’s loss resulting from the insured’s payment of fraudulent invoices received from a bad actor who hacked into the...more
Editor’s Note: On July 27, 2022, HaystackID shared an educational webcast on the topic of Committee on Foreign Investment in the United States (CFIUS) compliance. CFIUS is a U.S. government interagency committee with the...more
What: Cleared Defense Contractors (CDCs) are being actively targeted by Russian state-sponsored cyber activity, according to a Joint Cybersecurity Advisory from the Federal Bureau of Investigation (FBI), National Security...more
Privacy In Focus®- In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
Federal officials have recently warned employers and businesses that they could have insult added to injury if they respond to cyberattacks by making ransomware payments – increasingly requested through cryptocurrency – as...more
Liverpool-based Jenny Radcliffe, who leads Human Factor Security, is not your typical hacker, clad in a black hoodie and working out of basement. Rather than spending her time hunched over a keyboard, she seeks to hack...more
Report on Patient Privacy 18, no. 1 (January 2021) - Security threats to health care entities will continue to escalate in 2021, as bad actors with significant capabilities target pandemic-weary organizations still...more
Until recently, hackers have had limited success stealing Two-Factor Authentication (2FA) PIN and token information. Unfortunately, a tool has been released that will now make it much easier for practically any bad actor to...more
The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more
Introduction - Despite an anticipated de-regulatory push, there are significant new regulatory concerns for investment advisers to address in connection with their annual review of their compliance manuals. ...more
On Tuesday, July 25, 2017, SEC Chairman Jay Clayton spoke at the U.S. Chamber of Commerce Center for Capital Markets Competitiveness (CCMC). During the panel, Chairman Clayton discussed the Commission’s priorities on a...more
Investment Advisers - Annual Compliance Reviews - All investment advisers registered with the Securities and Exchange Commission (“SEC”) or The Commonwealth of Massachusetts are required to review their compliance...more