No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Key Point: The Federal Trade Commission (FTC) has amended the Safeguards Rule to require non-banking financial institutions to inform the FTC within 30 days of discovering any unauthorized acquisition of unencrypted customer...more
Purpose and Background of the GLBA - The Gramm-Leach-Bliley Act (“GLBA”), also known as the Financial Services Modernization Act of 1999, is a federal statute enacted by Congress in 1999 that requires financial...more
The Securities and Exchange Commission is gaining traction in the enforcement of cybersecurity and disclosure requirements. The SEC has a lot on its plate these days – ESG, cybersecurity, and the traditional mix of...more
In early March, the New York State Department of Financial Services (“NYDFS”) announced a consent order that required Maine-based mortgage servicer Residential Mortgage Services, Inc. (“Residential”) to pay a $1.5 million...more
On February 16, the New York State Department of Financial Services (DFS) issued a cyber fraud alert, warning of a growing cybercriminal campaign to steal consumer, Nonpublic Information (NPI). The hacked data is being taken...more
On September 25th, the CPSC Office of Inspector General (“OIG”) released its long-awaited report summarizing its investigation of the 2019 CPSC data breach. Most notably, the report finds that the data breach was larger and...more
Late this summer the New York Department of Financial Services (NYDFS) announced its first enforcement action since the cybersecurity rules went into effect in March 2017. The action was brought against First American Title...more
The New York State Department of Financial Services (“NYDFS”) has announced its first enforcement action of NYDFS’ Cybersecurity Regulation, Part 500 of Title 23 (“Cybersecurity Regulation”) against First American Title...more
On February 10, 2020, Attorney General William Barr announced the indictment of four members of the Chinese military on charges of hacking into Equifax’s computer networks, maintaining unauthorized access to those networks...more
Home speaker maker Sonos has sued Google, accusing the company of “infringing on five of its patents, including technology that lets wireless speakers connect and synchronize with one another.” Sonos had originally partnered...more
A number of retailers and manufacturers have recently received notices from the U.S. Consumer Product Safety Commission concerning a possible data breach. The CPSC’s letter advises recipients of an unauthorized release of...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
Earlier this year, the SEC released cybersecurity guidance addressing, among other things, the risk of insider trading in the event of a data breach. This risk comes in multiple forms, including the intruders trading on...more
On February 21, the Securities and Exchange Commission (SEC) published interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents....more
Much has been written about the SEC’s interpretive guidance on cybersecurity disclosures, issued in late February, including Commissioner Stein’s statement that it under-delivers for investors, public companies, and the...more
The Commission's "new" cybersecurity guidance largely rehashes existing guidance, as is highlighted by objections from two commissioners. At most, the additional qualitative guidance is incremental. It reiterates the need to...more
Prompted by concern over the increase in the risks and frequency of data breach incidents and other cyber-attacks affecting public companies, the Securities and Exchange Commission recently published interpretive guidance to...more
• Disclosures must inform investors about material cybersecurity risks and incidents, including addressing material cybersecurity risks for cyber-attacks that have not yet occurred. • Comprehensive policies and procedures...more
The SEC's new guidance on public company cybersecurity disclosures and Chairman Clayton's accompanying statement emphasize the SEC's expectations that public companies: (i) implement comprehensive cybersecurity policies that...more
The U.S. Securities and Exchange Commission (SEC) updated guidance to public companies this week on how and when they are to disclose cybersecurity risks and breaches. The SEC suggests that public companies should disclose...more
On February 21, 2018, the U.S. Securities and Exchange Commission approved the release of Interpretive Guidance relating to public company disclosures of cybersecurity risks and incidents. ...more
The Securities Exchange Commission (“SEC”) has been busy the last couple months on the cyber front. On September 20, the SEC announced a renewed focus on cybersecurity efforts and disclosed that it had been a victim of a...more
On September 20, the Securities and Exchange Commission announced that its system for electronic filing for public company disclosures, EDGAR, was compromised last year and that hackers may have used exposed information for...more
On September 7, 2017, Equifax, one of the country’s three primary credit reporting bureaus, announced it had suffered a major cybersecurity breach that could potentially affect half of the U.S. population. According to the...more
Preet Bharara, the U.S. Attorney for the Southern District of New York announced that three Chinese citizens have been charged for attempting to hack into seven law firms that were involved in mergers and acquisitions, in...more