No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
On Friday, December 27, 2024, the Justice Department issued a final rule to address “urgent national security risks posed by access to U.S. sensitive personal and government-related data from countries of concern and covered...more
Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more
Last week, the California Legislature passed several bills that, if signed by the governor, will regulate how organizations develop, train, and use artificial intelligence (AI) models, systems, and applications. Of these...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
The Environmental Protection Agency earlier this week issued an enforcement alert, explaining cybersecurity threats and vulnerabilities to community drinking water systems (CWSs) and actions needed by these systems in order...more
On April 25, 2024, the attorneys general of 22 states issued a letter encouraging UnitedHealth Group and its subsidiary, Change Healthcare, to take additional steps to respond to a massively disruptive cyberattack. The broad,...more
During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
The year 2023 was a busy one for regulatory, compliance, and enforcement developments in the healthcare and life sciences industries, and 2024 promises to be even busier. We tapped MoFo’s Life Sciences + Healthcare Compliance...more
Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical...more
On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more
On June 22, 2023, Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, spoke on the topic of cyber resilience at the Financial Times Cyber Resilience Summit. Director Grewal defined cyber resilience as a guiding...more
New York’s Department of Financial Services signaled once again its intent to strongly enforce the state’s Cybersecurity Regulation by finding OneMain Financial Group violated the law in several ways and imposing a $4.25...more
On March 2, 2023, the White House Office of the National Cyber Director released the National Cybersecurity Strategy (the “Strategy”). While the Strategy carries no legal force in and of itself, it sets forth a bold roadmap...more
In 2023, the NYDFS is poised to finalize several significant new regulations and will likely continue its aggressive cybersecurity, anti-money laundering (AML) and consumer protection enforcement. The New York Department of...more
A strong cybersecurity program can help defend against cyber attacks and protect sensitive patient data. Thanks to a 2021 amendment of the HITECH Act, when a breach occurs, it can also reduce enforcement penalties. The...more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
As we live and work in an increasingly globalized and computerized world, data, privacy and security (DPS) issues will converge across regions. Asia, however, has some of its own unique challenges trending as we discuss...more
The Data Security Incident Response Report features insights and metrics from 1,270+ incidents that members of the firm’s DADM Practice Group helped clients manage in 2021. This episode takes us deeper into ransomware. ...more
The Cyber Incident Reporting for Critical Infrastructure Act (“CIRCIA” or “the Act”) is a new federal law, adopted in March 2022, which requires critical infrastructure entities to report certain cybersecurity incidents and...more
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (the Act) as part of the Consolidated Appropriations Act of 2022. The Act requires "critical sector" entities to...more
Amid the escalating conflict in Ukraine and concerns of Russian cyber threats to the United States, President Joe Biden recently signed a $1.5 trillion government spending deal with serious cybersecurity reporting obligations...more
On February 23, 2022, Assistant Attorney General Matthew Olsen announced that the DOJ’s China Initiative was officially ending. He also announced DOJ’s new national security strategy - Strategy for Countering Nation-State...more
Companies and consumers alike are under perpetual assault from bad actors as IoT, work from home, and cloud migration – all intended to improve productivity – have expanded the cyber attack surface. The continually evolving...more
The cyber landscape is changing once again, in terms of impact, policy and potential exposure. In the wake of the Colonial Pipeline hack, the Biden administration released a long-awaited Executive Order intended to strengthen...more