No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
Last week, two separate class actions were filed in the federal district court for the Southern District of Texas against DISA Global Solutions (DISA), a third-party employment screening services provider, related to an April...more
The Department of Government Efficiency’s (DOGE) staggering unfettered access to all Americans’ personal information is highly concerning. DOGE employees’ access includes databases at the Office of Personnel Management, the...more
According to a highly critical article recently published by TechCrunch, the Department of Government Efficiency (DOGE), President Trump’s advisory board headed by Elon Musk, has “taken control of top federal departments and...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
PowerSchool, a provider of software solutions for K-12 school systems, recently disclosed a cybersecurity incident that may have potentially exposed sensitive information of both students and school district employees....more
The country’s largest provider of cloud-based education software for K-12 schools announced on January 7 that it fell victim to a massive data breach – which may lead to questions about the implications for your school....more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
A Written Information Security Plan, or “WISP,” is essential for any organization that handles sensitive personal information. Here’s a quick breakdown of who needs a WISP and why, as well as a checklist to develop one:...more
American Addiction Centers (AAC) has notified 422,424 individuals that their personal information was stolen in a cyber-attack attributed to the Rhysida criminal organization. The incident was discovered on September 26,...more
Zabrina Mcintyre is a director and cybersecurity adviser at KPMG, where she leverages her diverse expertise in cybersecurity, risk management, and strategic project leadership. She brings a unique blend of creativity and...more
In the article “Privacy Risk Quantification: How and Why to Do It Effectively,” we went over the basics and best practices of privacy risk quantification and a few relevant industry benchmark frameworks. If you are...more
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
Oak Valley Hospital, located in Oakdale, California, reached a settlement in a class action related to a 2023 data breach. On July 18, 2023, Oak Valley detected suspicious activity on its IT systems. Pursuant to the forensic...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
Elemetal LLC faces a data breach class action resulting from its alleged failure to implement appropriate security measures, which led to a 2023 breach of approximately 13,000 customers’ personal information. Elemetal is a...more
New York recently passed new cybersecurity regulations for hospitals licensed in New York to enhance patient safety and cybersecurity....more
As the last two years have clearly demonstrated, no organization is immune from cyberattacks. Indeed, numerous studies have reported that a majority of businesses have been impacted by at least one cyberattack over the past...more
The first wave of Australia's expansive privacy law reforms has been introduced into Federal Parliament in the Privacy and Other Legislation Amendment Bill 2024 (Cth) ("Bill")....more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
The Centers for Medicare & Medicaid Services (“CMS”) and its contractor, Wisconsin Physicians Service Insurance Corporation (“WPS”), recently notified over 940,000 Medicare beneficiaries of a data breach that has potentially...more
By now, companies across all industries have become familiar with the lifecycle and stages of a ransomware incident. Generally, once an attack is contained, remediation and rebuilding will follow. Shortly after, the crisis...more