Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
The European Commission recently launched a public consultation on the implementation of the AI Act, primarily focused on the classification (and ultimate regulation) of “high risk” AI systems. The AI Act employs a risk-based...more
On June 27, 2025, the Federal Bureau of Investigation (FBI) issued a warning on X to the airline and transportation sectors that the notorious cyber criminal ring Scattered Spider is attacking those sectors....more
Information leaks pose a growing and multifaceted risk to organizations across sectors. While often associated with cybersecurity breaches, the majority of such incidents stem from human error or intentional misconduct. On 25...more
On June 30, 2025, a Joint Advisory was issued by the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation and the Department of Defense Cyber Crime Center issued...more
Most organizations rely on complex supply chains, and that reliance has become a point of vulnerability for cyberattacks. This spring, we have witnessed a large-scale cyberattack on a major British multinational retailer due...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Several insurance companies have been targeted this month by cyberattacks, including AFLAC, Erie Insurance, and Philadelphia Insurance. The threat actor, Scattered Spider, is now focusing on the insurance industry. We want to...more
“Life can only be understood backwards; but it must be lived forwards.” – Søren Kierkegaard - Most security programs are designed to pass a test. Policies are documented. Controls are mapped. Tools are deployed. And for a...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
On June 20, 2025, Texas Governor Greg Abbott signed SB 2610 into law, joining a growing number of states that aim to incentivize sound cybersecurity practices through legislative safe harbors. Modeled on laws in states like...more
Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents,...more
We’re back with a deeper dive into the 2025 Data Security Incident Response Report, which features insights and metrics from more than 1,250 incidents in 2024. This episode dives deeper into the data, including network...more
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
On 10 June 2025, the new statutory tort for serious invasions of privacy came into force as part of a suite of privacy reforms passed last year, substantially enhancing privacy protections and signalling a material shift in...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
On June 9, multiple financial services trade associations sent a letter to Treasury Secretary Scott Bessent expressing concerns about cybersecurity risk management practices at federal regulatory agencies following the OCC’s...more
Cyber incidents are an ever-present threat to organisations of all sizes. While many companies have documented Cyber Incident Response (CIR) plans, they often fall short when it comes to real-world application. Below, we will...more
Information leaks can range from exposures of internal decisions and salary data to the disclosure of intellectual property, strategy documents, or board minutes. Whether accidental or intentional, these leaks demand...more
A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more
What do a global sportswear giant and a prestigious medical center have in common? Apparently, a shared struggle defending data breach lawsuits for breaches of sensitive personal information caused by third-party vendors....more
What's New? On May 28, 2025, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced an $800,000 settlement with a large Florida-based health care provider over potential violations of the...more
Editor’s Note: Email remains the most reliable and comprehensive source of evidence in digital investigations, often providing insights that other platforms cannot. As threats become more sophisticated and data volumes grow,...more
As data breach litigation continues to increase, companies need to worry about a new point of vulnerability - overseas employees. Many large companies outsource customer services to India and other low-cost providers to take...more
In connection with the increase in the number of incidents and attacks, the scope and impact of the incidents and attacks are also growing. With the rise in frequency and impact of cybersecurity incidents and cybercrimes,...more
Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been responsible for the recent attack on Marks & Spencer in the U.K. A security...more