No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
More than a decade ago, I expressed concern about the Securities and Exchange Commission's predilection for targeting victims of crimes. That concern related to an enforcement action against a company that had been...more
The SEC recently issued an order and settlement against a company from a pair of cyberattacks in which millions of dollars of client funds were stolen. While the company was able to recover a portion of the funds and...more
In a significant expansion of internal controls enforcement, the SEC announced a $2.1 million settlement with R.R. Donnelley & Sons Co. (“RRD”) for its handling of a 2021 ransomware attack and resulting disclosure failures. ...more
Intercontinental Exchange, Inc. (ICE), the owner of the New York Stock Exchange, has agreed to settle with the Securities and Exchange Commission (SEC) for $10 million over allegations that it failed to timely notify the SEC...more
Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more
In Short - The Situation: Following a cyberattack on a law firm's systems, the Securities and Exchange Commission ("SEC") subpoenaed the firm for information, including the identity of clients whose information may have...more
CYBERSECURITY - Clop Claims Zero-Day Attacks Against 130 Organizations - Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in...more
The U.S. Securities and Exchange Commission ("SEC" or the "Commission") has ordered Blackbaud, Inc. ("Blackbaud") to pay $3 million to resolve claims that it made materially misleading statements about a 2020 ransomware...more
Businesses can breathe a little easier now that one of the world’s top five ransomware networks, the Hive, has been infiltrated and disbanded by the FBI....more
CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
CYBERSECURITY - Password Manager LastPass Admits to Hack - Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of...more
State Attorneys General settle with Wawa, Inc. for 2019 data breach that compromised approximately 34 million payment cards used by consumers. On July 26, 2022, Acting New Jersey Attorney General Matthew J. Platkin...more
CYBERSECURITY - Verizon’s 2022 Data Breach Investigations Report: A Must Read - I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
The Justice Department continues to prosecute Russian-related crimes. Since the Ukraine Crisis, DOJ has steadily been announcing criminal charges against defendants connected to Russia. ...more
We continue our year-end review of SEC enforcement activity and turn our attention to a topic grabbing seemingly daily headlines across multiple industries: cybersecurity. As the risks – and realities – of cyberattacks...more
Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more
The Justice Department continues to attack and dismantle global ransomware extortion organizations. Business surveys often confirm that executives are hyper-focused on the risk of ransomware attacks against businesses....more
As companies collect growing amounts of data about their customers and other consumers, sophisticated adversaries, recognizing the value of this information, have increased their efforts to pilfer it. For publicly traded...more
On the heels of the First American enforcement action and settlement, this week, the SEC announced a settlement with Pearson plc in connection with a 2018 cyber breach. The SEC disclosed that Pearson, a London-based...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - President Biden Issues Cybersecurity Executive Order - On May 12, 2021, President Biden issued an executive order that placed new standards on the...more
Reuters reported today that the SEC is investigating last year’s hack of SolarWinds, focusing on whether SEC registrants failed to disclose that they had been impacted by the cyber breach. According to the article, the SEC...more
CYBERSECURITY - Another Win for Justice Department: Slilpp Marketplace Takedown - People always ask me if law enforcement is having any luck in combatting cyber criminals. Let me be clear: it is a very tough job to take...more
People always ask me if law enforcement is having any luck in combatting cyber criminals. Let me be clear: it is a very tough job to take down cyber criminals located in other countries or sponsored by foreign nations. Our...more
Yesterday (January 27, 2021) was a BIG win for law enforcement in their efforts to combat cyber crime. U.S. and European law enforcement agencies announced yesterday that through join efforts and cooperation on “Operation...more