No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Learning Objectives: - Gain an understanding of recent changes to the cyber security landscape - Where to start: elevate your cyber security risk management - Educate on the future of cyber security in healthcare and...more
What if a single compromised credential could silently bring down your entire organization? Our recent threat hunts across Fortune 100 clients suggest that this isn't just a possibility—it's a reality....more
What do the SolarWinds ruling and other recent developments mean for the future of the SEC’s cyber regulatory program? Will the SEC’s “lack of moderation” result in “violent ends” for its cyber agenda? Or will the current...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
Learning Objectives: - Determine when a Privacy Incident Response Plan is needed - Identify the key steps and roles needed in a Privacy Incident Response Plan - Examine and bridge gaps in your org’s readiness to...more
Join us for an insightful webinar with Miller Nash’s head of privacy and data security team, Eva Novick, and colleague, Delfina Homen, where we will delve into the essentials of privacy and data security in 2024. Whether...more
Managing these risks at a single company should be straightforward. Executives and CISOs may be personally held accountable for cyber failings, negligence, breaches, and inadequate disclosure around cyber vulnerabilities and...more
At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more
On October 30, 2023, the Securities and Exchange Commission filed a securities fraud claim in federal court in the Southern District of New York against SolarWinds Corporation as well as its Chief Information Security...more
CYBERSECURITY CISOs: New Report Outlines Risks of LLMs - I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more
According to a New York Times story this weekend, the Security Exchange Commission’s lawsuit against SolarWinds is driving discussions in boardrooms and corporate security departments of large organizations about the handling...more
New York Gov Kathy Hochul is touting her proposed statewide cybersecurity regulations for hospitals and health systems as “nation-leading,” and, if approved, those entities will have until February 2025 to comply with the new...more
The Biden Administration Issues Executive Order on Artificial Intelligence - On October 30, 2023, President Biden signed an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence (the “Order”)...more
On October 30, the US Securities and Exchange Commission (SEC) announced fraud charges against SolarWinds and its former chief information security officer (CISO), alleging that “SolarWinds’ public statements about its...more
The Securities and Exchange Commission (SEC) is ratcheting up the pressure on chief information security officers (CISOs)—and it’s entirely deliberate. In this post, I’ll discuss the litigation landscape against SolarWinds,...more
The cyber breach of SolarWinds’ software in 2020 (the “SolarWinds breach” or “cyber breach”) has been described as the “largest and most sophisticated attack the world has ever seen.” As a result of the cyber breach,...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
Clearly defined roles and responsibilities are an essential component of an effective compliance program. Failure to adequately assign responsibility can lead to gaps in compliance coverage and a lack of accountability. ...more
If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more
Ransomware is a scary term for many business leaders and CISOs who dread being hit with a malware attack that locks up their data and could shut down operations. They expect to find that oddly-worded ransom note advising how...more
ChatGPT really is a marvelous technology – an artificial intelligence designed to answer just about any question a person might ask it – and yet, somehow, it leaves CISOs and compliance officers with even more questions....more