No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more
On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more
As regulators worldwide continue to scrutinize the impact of AI on industries within their respective purviews, two key global agencies issued guidance in October 2024 that highlighted AI-based cybersecurity risks and best...more
In recent years, banking fraud in France has surged, driven by advanced technology and the integration of payment methods and mobile banking. We do a deep dive into the legislation to help our clients stay informed and...more
In May, Santander Bank faced a significant cybersecurity breach that affected millions of its customers and employees worldwide. The hacking group ShinyHunters claimed responsibility for the attack, which also targeted...more
ACI’s 8th Annual Legal, Regulatory, and Compliance Forum on Fintech & Emerging Payment Systems will provide in-depth guidance on the latest regulatory developments at the Federal and State Level that you need to be aware of....more
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
US regulators have increased their focus on cybersecurity issues impacting financial services companies, with a host of guidance documents recently released by the US Securities and Exchange Commission (SEC), the three...more
AML compliance for reporting entities has never been of greater critical importance than it is today. With the growing sophistication of criminals and the methods and technologies that they employed, combined with the...more
Financial institutions are in a tough spot- caught between the “bad guys” (state-sponsored cyberattacks and cyber criminals) and “good guys” (ever more aggressive regulators)- what’s a bank to do??? Tune in to find out!...more
The Massachusetts State Police Commonwealth Fusion Center (CFC) believes that cyber actors may use the current bank failures for future phishing and business email compromise (BEC) attacks. Cyber actors often use current...more
We have written on previous occasions about the rise in frequency and severity of Business Email Compromise (BEC) cyberattacks. As explained in other posts, BEC attacks are a type of phishing scam typically targeting...more
Join American Conference Institute at the 7th Annual Legal, Regulatory and Compliance Forum on FinTech & Emerging Payment Systems on April 18-19, 2023, in New York! Gain key insights into the hurdles arising amid...more
The National Credit Union Administration (NCUA) has approved a final rule requiring federally chartered and federally insured credit unions to notify NCUA of a "reportable cyber incident" "as soon as possible and no later...more
Both the EU and the UK are taking steps to enhance the rules in the financial services sector to add a new layer of direct regulation for key technology providers to banks and other regulated financial services institutions –...more
FDIC Directs Banks to Provide Notice Before Engaging in Crypto-related Activities According to guidance recently issued by the FDIC, banks that it supervises and that intend to engage in, or are already engaged in, activities...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed rules to include certain significant market participants as “dealers” or “government securities dealers” to essentially eliminate the trader exclusion...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed a new rule to increase market transparency regarding short selling and extended the comment period for its proposed rule requiring reporting on...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed changes to private fund regulation; the Office of the Comptroller of the Currency (OCC) succeeded in validating its “valid-when-made” rulemaking; the...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
The federal banking agencies recently issued a final regulation that will require a bank to notify its primary federal regulator of a cyberattack, or computer-security incident, no later than 36 hours after the bank...more
On November 18, 2021, the Office of the Comptroller of the Currency (“OCC”), the Board of Governors of the Federal Reserve System (“Board”), and the Federal Deposit Insurance Corporation (“FDIC”) (collectively, the...more
Banking organizations must notify the appropriate agency within 36 hours of certain computer-security incidents; and banking service providers must notify affected banking organizations as soon as possible in the event of an...more
On November 18, 2021, three US agencies – the Office of the Comptroller of the Currency (OCC), the Federal Reserve Board (FRB) and the Federal Deposit Insurance Corporation (FDIC) – issued a joint rule concerning...more