No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
Editor’s Note: In this informative webcast, Christopher Wall, DPO and Special Counsel for Global Privacy and Forensics at HaystackID, moderates a compelling discussion titled “From Breach to Insight: Incident Response and PII...more
According to the Verizon Wireless 2022 Data Breach Investigations Report, there are four prominent paths that threat actors use to gain unauthorized access into an organization’s network... Originally published in Law360 on...more
Can cyber investigations be canned? Find out what Sadia, Kamran, and this month’s guest, Shawn Tuma of Spencer Fane, have to say. The gloves come off as these three breach coaches duke it out for the final word on this topic....more
In our last newsletter, we analyzed the reluctance of courts to apply privilege to the work of forensic computer consultants following data breaches. Here, we address often unavailing efforts to fit communications with...more
Following in the footsteps of the Eastern District of Virginia’s Capital One decision last year and the District of D.C.’s Clark Hill decision earlier this year, the Eastern District of Pennsylvania has just ordered the...more
It is hard to find a news post without a story on a ransomware attack. The National Security Council has issued an open letter warning all businesses to be alert and prepared for ransomware attacks. Various industry groups...more
Let us assume a company has done all the right things. Preemptive security was a concern, so the company tightened up its written cybersecurity controls and associated technical controls, including policies and...more
In order to provide legal advice to clients in the aftermath of a hacking, lawyers must rely on digital forensics investigators to understand the nature and scope of the breach. Corporations also use this type of information...more
On January 12, 2021, the United States District Court for the District of Columbia joined the growing list of courts that have held that reports generated by third-party forensics firms in response to a cyberattack are not...more
Consilio, SecureIT360 and Polsinelli will take a deep dive into responding to a cyber-attack and data breach. Learn about what to expect when you arrive on the scene following a cyber incident, and best practices for what...more
On May 26, 2020, in In re Capital One Consumer Data Security Breach Litigation, MDL 1:19md2915 (E.D. Va.) the Federal District Court for the Eastern District of Virginia (Alexandria Division) (Anderson, J.) held that a...more
On June 25, a Federal District Court in Virginia (Anthony J. Trenga, U.S.D.J.) affirmed a Magistrate Judge's Order requiring Capital One to produce a vendor's post-breach forensic report to plaintiffs in a consumer class...more
A May 26, 2020 order by U.S. Magistrate Judge John F. Anderson (E.D. Va.) that attorney work product protection did not preclude production of a forensic vendor's data breach investigation report to plaintiffs in the Capital...more
The United States District Court for the Eastern District of Virginia (Court) has held that a cyber-forensic investigation report was not protected by the attorney work product doctrine and ordered Capital One to produce it...more
This webinar focuses on strategies for mitigating reputational, litigation, and regulatory risk in the post-data breach environment. We will offer specific practice tips to implement during this crisis period that are...more
In a recent post, we addressed the role a forensic investigation plays in a company’s response to a data security incident. We noted that to maximize the likelihood that a forensic firm’s work will be covered by the...more
Third-party forensic investigations performed at the direction of counsel are part-and-parcel of virtually every data breach. There has been little case law, however, directly addressing the extent to which the...more
On December 24, 2015, Nevada casino owner Affinity Gaming filed suit against Trustwave in federal district court, alleging that Trustwave failed to contain and remediate a data breach at Affinity Gaming. ...more
A forensic investigation by a security firm often does (and should) drive decision-making in response to an incident. Because the work of a security firm usually drives the critical path of a response, companies can become...more
October 23, 2015, Magistrate Judge Jeffrey J. Keyes of the United States District Court for the District of Minnesota determined that the attorney-client privilege and the work-product doctrine shielded from disclosure...more
On October 12, Nossaman and UC Irvine hosted their first annual cyber symposium at the Los Angeles City Club. The event brought experts together to discuss a variety of critical issues in the worlds of privacy and data...more
On September 29, 2015, the PCI Security Standards Council (“PCI SSC”) issued a press release and accompanying guidance to businesses for incident response management in the event of a data breach. PCI SSC is a global forum...more
On Aug. 11, 2015, federal prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against nine individuals in the U.S. and Ukraine who were allegedly involved in a five-year,...more