No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
We are pleased to announce that several of the firm’s practice groups and attorneys were recognized in the 2024 edition of Chambers USA, a directory of leading law firms and attorneys. Chambers and Partners annually...more
Modern warfare is no longer restricted to physical battlefields and professional military. Countries like North Korea and Russia have few qualms about using cyberspace to reach well beyond their physical borders to target...more
China’s CAC and Hong Kong’s ITIB jointly released GBA SCCs, which may be adopted to transfer personal information between entities within the GBA. On December 13, 2023, the People’s Republic of China’s (PRC’s) Cyberspace...more
Chinese authorities have arrested alleged hackers in what appears to be the first-ever reported case of hackers using AI to develop ransomware. These alleged hackers reportedly used ChatGPT to refine the code for their...more
While there have been major developments in areas such as data security, cloud computing, and artificial intelligence over the past year, threat actors are becoming increasingly aggressive, sophisticated, and in some cases,...more
CYBERSECURITY - Nineteen States Have Banned TikTok on Government-Issued Devices - Governors of numerous states have issued Executive Orders in the past several weeks banning TikTok from government-issued devices and...more
According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices. The exploit (CVE-2022-27518) affects Citrix...more
According to NBC News and Reuters, the United States Secret Service confirmed that hackers from APT41, a criminal cyber-hacking group linked to the Chinese Communist Party, stole “at least $20 million in U.S. Covid Relief...more
CYBERSECURITY - CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors - The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
Hackers allegedly stole the personal data of over 1 billion Chinese residents from a police database in Shanghai earlier this year – and the largest potential data privacy breach in the nation’s history should serve as a...more
Ransomware/Malware Activity - Twitter Confirms Data Breach Affecting 5.4 Million Account Profiles - On August 5, 2022, Twitter confirmed it has suffered a data breach after receiving a report of a vulnerability through...more
CYBERSECURITY - Joint Advisory Warns of Chinese-Sponsored Attacks on Telecommunications Companies - A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National...more
CYBERSECURITY - Chinese APT41 Attacking State Networks - Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber...more
Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber threat activity through APT41, which has been linked to China’s...more
In Part 2 of this series, we discussed how the Personal Information Protection Law (“PIPL”), the centerpiece of China’s personal information (“PI”) protection law, needs to be read in conjunction with other relevant laws,...more
Selected Developments in U.S. Law - SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund...more
Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes on....more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
On November 14, 2021, the Cyberspace Administration of China (CAC) released draft Regulations on the Management of Online Data Security (the “Regulations”) for China’s data privacy and security laws, including the...more
China had a lot of legislative movement in the area of data privacy this year. On June 10, 2021, the Data Security Law (DSL) was passed and it became effective on Sept. 1, 2021. This is a broader law applying to data...more
Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more
In Blackbaud Inc. Customer Data Security Breach Litigation, No. 3:20-mn-02972 (D.S.C. Aug. 12, 2021), a federal judge found that defendant, Blackbaud Inc. was subject to the CCPA despite its motion to dismiss asserting that...more
Earlier this June, China passed the Data Security Law (“DSL”), which will go into effect on September 1, 2021. Unlike many international data security laws, the DSL is not restricted to personal information and instead...more