No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
Federal contractors, including defense contractors, should prepare for the emergence of new requirements in the coming months that are designed to strengthen software supply chain security, impose more stringent cybersecurity...more
The U.S. Department of Justice (DOJ) announced on February 18 that Health Net Federal Services, LLC and its corporate parent, Centene Corporation, agreed to pay $11,253,400 to resolve False Claims Act (FCA) claims. Health...more
2024 was another active year in cybersecurity, with high-profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Penn State recently agreed to pay $1.25 million to settle allegations of False Claims Act violations related to its cybersecurity controls after a whistleblower alleged that the university failed to adhere to cybersecurity...more
The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more
San Diego Physician and Medical Practice Pay $3.8 Million to Resolve FCA Allegations- San Diego-based physician Dr. Janette J. Gray and her former medical practice, The Center for Health & Wellbeing, agreed to pay $3.8...more
Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more
Substantive cybersecurity amendments to the Federal Acquisition Regulation (FAR) are underway, significantly altering the duties and obligations of federal government contractors both prior to award and during contract...more
Two years after the Department of Justice (DOJ) established its Civil-Cyber Fraud Initiative, there has been a recent uptick in enforcement and regulatory activity related to cybersecurity. September opened with the unsealing...more
Cybersecurity continues to be top of mind for federal and state policymakers. This advisory identifies and analyzes some major recent developments that present opportunities and challenges in the coming months for a broad...more
On June 21, 2023, the U.S. Department of Homeland Security (DHS) issued a final rule that revises the Homeland Security Acquisition Regulation (HSAR) to implement security and privacy measures for contractors to safeguard...more
On December 29, 2022, President Biden signed a new statute that will significantly impact medical device cybersecurity regulation. Section 3305 of the Consolidated Appropriations Act of 2023 (“Section 3305”) authorizes the...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
Takeaway: The DOJ’s Cyber Fraud Initiative and qui tam actions under the False Claims Act represent signification enforcement mechanisms for cybersecurity contractor compliance. On the eve of 2022, the United States began...more
FTC Warns Companies to Remediate Log4j Security Vulnerability - Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more
Selected Developments in U.S. Law - Department of Defense Suspends the CMMC Pilot Program and CMMC Requirements in DoD Solicitations Pending Major Changes for CMMC 2.0. On November 5, 2021, the Department of Defense...more
America’s data is under attack. Solar Winds and other recent headline-grabbing stories have demonstrated that foreign adversaries are eager to hack into computer systems for a wide range of purposes. The US Department of...more
The Biden Administration is imminently expected to release an executive order that will require government contractors to notify the government in the event of a cybersecurity breach. Despite the relatively steady rise in...more
The U.S. Department of Defense (DOD) continues to pursue innovations in its approach to security vulnerabilities, building on its earlier Hack the Pentagon program and recent moves by the U.S. Department of Homeland Security...more
Most people have a warped and deeply unrealistic understanding of data security. There is no such thing as absolute security. For a thing to have value, you must be able to access the value – in effect, to use it. In order...more
Compliance Today (July 2020) - An April 14 survey conducted by Gartner of 145 legal and compliance leaders found that more than half of the respondents rated cybersecurity and the possibility of a data breach as the...more
Capital One Required to Produce Forensic Report in Class Action - As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - Cybersecurity Standards Issued for Government Contractors - On January 31, the Office of the Under Secretary of Defense for Acquisition and...more