No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
SentinelOne researchers have discovered AkiraBot, which is used to target small- to medium-sized company websites with generative AI, and drafted outreach messages for website chats, comments, and contact forms. SentinelOne...more
My home state of Rhode Island may be the smallest in the union, but it has taken on a significant initiative to implement the Protective Domain Name Service (PDNS) in all 64 public school districts. PDNS, an initiative...more
Publications & Advisories - November 2024 – Kathleen Benway, Jennifer Everett, Alysa Austin, and Kristen Bartolotta published “Federal Trade Commission’s Updated Health Breach Notification Rule Is Now in Effect” in Employee...more
If you are a customer of CrowdStrike, you are working on recovering from the outage that occurred on July 19, 2024. As if that isn’t enough disruption, CrowdStrike is warning customers that threat actors are taking advantage...more
Efforts to Address the Lack of Federal Data Privacy Legislation in the U.S. Have Continued - The need for federal data privacy legislation was reiterated in the House Energy and Commerce Committee’s Subcommittee on...more
Report on Patient Privacy Volume 23, no 2 (February 2023) DCH Health Systems, based in Tuscaloosa, Ala., said it fired an employee in December after a routine privacy audit revealed evidence that the worker had accessed some...more
The misinformation on social media about the election results (and other topics) is rampant. Social media companies like Twitter and Facebook are struggling with the balance between the First Amendment right to free speech...more
The current COVID-19 pandemic has forced many businesses online in order to survive. In many cases, businesses had no plans to be online. Others were forced to move online more quickly than planned. In order to assist these...more
By now, you’ve heard a horror story or two about ransomware. The city of Baltimore’s tale stands out. After cyber-criminals attacked the city’s servers and applications, they demanded $76,000 to decrypt the affected files....more
Cybersecurity Awareness Month may have ended on October 31, but cyber criminals are active 365 days a year, and they’re online looking for vulnerabilities around the clock. Every day, we also spend time online: navigating the...more
The Federal Bureau of Investigations Internet Crime Complaint Center (IC3) recently issued a public service announcement warning private companies about the increasing numbers of ransomware attacks affecting private industry....more
I am not a big fan of putting all of one’s passwords in one place, but many people use password managers. If you use Last Pass (see previous blog posts about Last Pass here and here), be aware that it was recently advised by...more
James Grago has a nice business going. He runs a website called ClixSense.com that permits users to earn money by completing surveys and watching advertisements. Revenues grew from $6.7 million in 2015 to $9.1 million in...more
The National Cyber Security Centre (NCSC), an organisation of the UK Government that provides cybersecurity advice and support for the public and private sector, published an article earlier this year relating to a recent...more
Thinking about cyber security education for young children, elderly parents and grandparents might not be necessarily be on the top of your priority list. But, it is important given the substantial increase in malware and...more
Facebook announced late last week that it had suffered the largest breach in its history—50 million accounts were compromised, and another 40 million accounts affected—yes, that equals 90 million accounts. ...more
Another day, and another form of hacking comes to light. On June 26, 2018, the United States Computer Emergency Readiness Team (US-CERT), an agency within the U.S. Department of Homeland Security, issued a security tip...more
Originally published in the Upstate Business Journal on February 15, 2018. Meet Peter — a longtime employee and the backbone of your business’s day-to-day finance and accounting operations. Today he got an email from the...more
The United States Department of Justice (“DOJ”) recently indicted thirty-six individuals leading a global cybercrime ring for allegedly trafficking in stolen personal and financial information....more
The U.S. Attorney’s Office of the District of Connecticut has announced the creation of a Connecticut Cyber Task Force (“CCTF”) in partnership with the FBI, DEA, Secret Service, Homeland Security, IRS, Connecticut State...more
On November 24, 2017, image-sharing website Imgur disclosed that email addresses and passwords of 1.7 million users were stolen in a 2014 hack on the company. Imgur became aware of the breach on November 23, 2017 when a...more
Ashley Madison, which suffered a data breach in 2015 involving the loss of 37 million users’ personal and financial information, has settled the suit for $11.2 million....more
The Federal Trade Commission (FTC) announced on May 9, 2017, that it has launched a new website that “helps small businesses avoid scams and cyber-attacks.”...more
Qakbot (Qbot) first emerged in 2009 as a piece of malware designed to steal online banking credentials from infected computers. It used classic key-logger technology combined with an ability to steal active session...more
Cybersecurity specialists at BAE Systems and Symantec announced last week new evidence suggesting that the criminals behind the notorious 2014 attack on Sony Corp. are also responsible for recent cyber-attacks involving 104...more