No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
Encryption is one of several cornerstones of a robust information security program. Articles on quantum computing often include the compelling narrative that encryption is at risk, but as with any revolutionary technology,...more
For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more
Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more
The maritime industry has become a prime target for hackers. In the last few years, it has seen a steep increase in the number of shipping-related cyberattacks. The recent surge marks a new and pressing challenge for ports...more
2024 was another active year in cybersecurity, with high-profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
In 2021 CISA released their Incident Response and Vulnerability Playbook, and in 2024 NIST updated their Cybersecurity Framework. Using the Playbook and Framework as a template, forensic teams can build a repeatable processes...more
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
Organizations face increasingly sophisticated threats that can compromise data and disrupt business operations. This presentation will explore the role that digital forensics plays in an effective incident response plan using...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
June 2024, Cleveland City Hall shut down due to what it initially described as a “cyber incident,” which was later explained as a ransomware attack. Many of the functions provided by City Hall stopped or significantly slowed,...more
A year ago, we highlighted the National Institute of Standards and Technology’s ("NIST") release of a framework designed to address AI risks (the “AI RMF”). We noted how it is abstract, like its central subject, and is...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures...more
Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more
On March 8, the Department of Health and Human Services (HHS) released a cybersecurity implementation guide to assist public and private health care sectors prevent cybersecurity incidents. The Cybersecurity Framework...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
GREAT SCOTT! Did you know publication of the NIST Cybersecurity Framework (CSF) 2.0 is around the corner? Last updated in 2018, NIST is making substantial changes to the CSF due to evolving threats. What are these changes?...more