No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more
Every year, BakerHostetler collects, analyzes and compares key metrics on the incident response matters we handled in the prior year. The Data Security Incident Response (DSIR) Report presents key findings and trends, along...more
On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a...more
Le 23 avril 2025, le Règlement sur la gestion et le signalement des incidents de sécurité de l’information de certaines institutions financières et des agents d’évaluation du crédit (le « Règlement ») est entré en vigueur au...more
On May 5, the OIG for the Fed authored a report with several recommendations for the CFPB following a major security incident regarding confidential supervisory information (CSI). The OIG issued four findings with seven...more
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
Selected U.S. Privacy & Cyber Updates - DOJ Settles False Claims Act Case with MORSECORP over Cybersecurity Program - On March 26, 2025, the U.S. Department of Justice (DOJ) announced that it had reached an agreement with...more
A federal district court recently found that employees aren’t protected by Kentucky’s consumer protection law because they don’t qualify as consumers, handing a solid win to employers. The April 21 decision in Viviali v. One...more
Threat actors are leveraging the publicity around AI tools to trick users into downloading the malware known as Noodlophile through social media sites. Researchers from Morphisec have observed threat actors, believed to...more
The FBI is warning employers about increasing security risks from fraudulent job applications, resulting in hackers infiltrating companies and gaining access to sensitive data. To protect against these risks, employers should...more
Healthcare is a very personal experience. In order to receive the best care, individuals must share the most intimate details about themselves. For this reason, trust between patients and healthcare providers is crucial. Data...more
Another school year is winding down, and educational leaders perhaps have never been more ready for summer break. From the Trump administration’s significant policy shifts to deeply consequential litigation playing out to...more
xThe cybersecurity community has witnessed a significant development with the recent compromise of LockBit’s operational infrastructure, providing extraordinary visibility into one of the most sophisticated...more
On April 14, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined DPP Law (“DPP”) £60,000 (approximately $80,000) following a ransomware incident. In its penalty notice, the ICO found...more
Last week’s NFL draft highlighted more than the accomplishments of athletes at the combine or on the field. While there was extensive coverage of the merits of each player, one of the major headlines coming out of the draft...more
On March 28, 2025, the Florida Bar unanimously approved Recommendation 25-1, which was proposed by its Cybersecurity & Privacy Law Committee and encourages all Florida Bar members and their firms to adopt certain proactive...more
On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates...more
Encryption is one of several cornerstones of a robust information security program. Articles on quantum computing often include the compelling narrative that encryption is at risk, but as with any revolutionary technology,...more
In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the...more
As robotics technology rapidly advances in connection with the use of artificial intelligence (AI), the collection, processing, and storage of personal information—including biometric data—will become increasingly common....more
On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more
The Office for Civil Rights (OCR) announced on April 10, 2025, that it has settled alleged HIPAA Security Rule violations with Northeast Radiology for $350,000....more
BleepingComputer has confirmed the rumor that Oracle has suffered a compromise affecting its legacy environment, including the compromise of old customer credentials (originally denied by Oracle). Oracle notified some...more