No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Tuesday, March 11, 2025, that the Multi-State Information Sharing and Analysis Center (MS-ISAC) will lose its federal funding and cooperative agreement...more
The productivity paradox: Does more technology mean less growth? Nobel Prize-winning economist Robert Solow famously remarked, “You can see the computer age everywhere except in the productivity statistics.” This paradox...more
In the July 2024 King’s Speech, the UK government announced its intention to introduce a Cyber Security and Resilience Bill (the “Bill”) to improve the UK’s cyber defenses and protect essential public services. The...more
If you are a customer of CrowdStrike, you are working on recovering from the outage that occurred on July 19, 2024. As if that isn’t enough disruption, CrowdStrike is warning customers that threat actors are taking advantage...more
In our latest roundup, alternative lenders take the lead in CRE loans, construction workers worry about artificial intelligence, prospective homeowners express concerns about climate risks, and more!...more
Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more
The U.S. Department of Health and Human Services (“HHS”) has expanded upon its recent Healthcare Sector Cybersecurity Concept Paper (which we covered in a prior blog post), issuing cybersecurity performance goals (“CPGs”) for...more
Prepare your organization to stay one step ahead in the ongoing battle against cyber and IT risk management. As organizations increasingly leverage third-party services and cloud technologies, cybercriminals are becoming...more
It is being reported that U.S. officials are investigating an attack by hackers “linked to Iran’s Islamic Revolutionary Guard Corps (IRGC), also known as the “Cyber Av3ngers,” that allowed them to gain control of a device at...more
In October 2023, the Transportation Security Administration (TSA) updated three of its cybersecurity directives regulating passenger and freight railroad carriers. The following security directives have been renewed for one...more
In the 1970’s, a series of tests of community water systems across the country led to some disturbing findings; varied standards of water containment, transmission, and handling were resulting in substantial health risks to...more
The National Association of Regulatory Utility Commissioners (“NARUC”) and National Association of State Energy Officials (“NASEO”) released an August 2023 report titled: State Microgrid Policy, Programmatic, and...more
On July 25, Missouri, Arkansas, and Iowa (the states), along with intervenors American Water Works Association and National Rural Water Association (the water associations), petitioned the Eighth Circuit to review the U.S....more
Cybersecurity research agencies around the world are warning organizations using VMware ESXi servers to patch an almost two (2) year old vulnerability to prevent being compromised by threat actors in the "ESXiArgs" ransomware...more
The rise of cyberattacks has led to a significant increase in the demand for cyber insurance policies. However, the insurance industry is struggling to keep pace with the ever-evolving threat landscape, which has resulted in...more
Over the past several years, the energy sector has become a prime target for hacking and ransomware attacks, with over 40 attacks on the industry since 2017. Cyber attacks have only continued to rise, with a record high of...more
House Approves Republican Energy Package - Four Democrats joined with all Republicans to approve, in a 225-204 vote, a massive House energy bill on March 30. While the bill will almost certainly not advance in the Senate,...more
EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more
At its open monthly meeting on March 16, 2023, the Federal Energy Regulatory Commission (FERC) approved a new cybersecurity standard proposed by the North American Electric Reliability Corporation (NERC) to address the supply...more
The FBI and the Cybersecurity & Infrastructure Security Agency have been warning the healthcare sector for years about vulnerabilities and ransomware gangs targeting those vulnerabilities. With millions of records -- and...more
What is in store for Privacy and Cybersecurity in 2023 - As the year ends, we offer this special edition with predictions for 2023 from each member of the Cyber Bits Partner Committee. Regardless of what happens in 2023, we...more
● Offshore Oil and Gas at Risk of Potentially Catastrophic Cyberattack: GAO - “The industry includes about 1,600 offshore oil and gas facilities that are highly dependent on remotely connected operational technology, the...more
On Thanksgiving of 2014, I received an urgent call asking me to be in London in 24 hours. My assignment was to run the advanced forensics recovery team serving several foreign offices of Sony Pictures in the wake of a...more
In its continued efforts to enhance the cybersecurity of transportation and other critical infrastructure systems across the country, the Transportation Security Administration (TSA) issued on October 19, 2022 a new security...more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more