No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
Overview of Cybersecurity in Government Contracts
Cybersecurity: What Healthcare Providers Need to Know
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
2022 DSIR Deeper Dive: NFTs
No Password Required: The Sailing CTO of Sylint Group Who Routinely Defends Against Nation-State Attacks on Critical Infrastructure
Webinar Recording - Crypto Breaches: Legal & Regulatory Update
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Defense In-Depth: Cybersecurity For Energy
Greetings and Felicitations - Aly McDevitt on Ransomware Case Study, Part 2
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
How to Protect your Organization From a Cybersecurity Attack
Phishing: Cybersecurity’s Biggest Threat
No Password Required: An Infowar Expert Paved the Path From Rock-And-Roll to Cybersecurity
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Fighting Cyber Crime: The $1 Trillion Invisible Threat
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more
Businesses can breathe a little easier now that one of the world’s top five ransomware networks, the Hive, has been infiltrated and disbanded by the FBI....more
As companies collect growing amounts of data about their customers and other consumers, sophisticated adversaries, recognizing the value of this information, have increased their efforts to pilfer it. For publicly traded...more
On August 20, 2020, a criminal complaint was filed charging Joseph Sullivan, Uber’s former chief security officer, with obstruction of justice and misprision of a felony in connection with an alleged attempted cover-up of a...more
Government contractors are no strangers to the numerous quality standards and assurances required by the government. Over the past several years, cybersecurity in federal contracting has emerged as yet another standard to...more
We are increasingly seeing situations in which a client’s information systems are breached by an ethical hacker. Typically, they take a screen shot or two of data to prove their accomplishment, carefully redact any...more
With it being Halloween, October being National Cybersecurity Awareness Month, and 2019 drawing to an end, let’s take a look at the data privacy breaches giving compliance professionals a fright this year! ...more
Although Amazon and Google respond to reports of vulnerabilities in popular home smart assistants Alexa and Google Home, hackers continually work hard to exploit any vulnerabilities in order to listen to users’ every word to...more
What are the biggest, most interesting stories in the ever-changing worlds of cybersecurity, risk mitigation, and information governance?...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services recently announced that 2018 was a significant year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. ...more
On February 7, 2019, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services published the resolution agreement for its final HIPAA settlement of 2018. ...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
Just days after the summit between the U.S. and North Korea, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security issued a warning about a malicious malware, a Trojan malware variant known as...more
The U.S. Securities and Exchange Commission announced on April 24, 2018 that Yahoo! (now known as Altaba, Inc.) agreed to pay a $35 million civil penalty to resolve claims that it failed to appropriately and timely disclose...more
“Orangeworm” Targeting Health Care Industry - In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the...more
This week, a high profile plaintiffs’ firm (Edelson) stated that “if done right,” the data breach class actions against Equifax should yield more than $1 billion in cash going directly to more than 143 million consumers...more
In the wake of last month’s historic cyber breach of Equifax, which resulted in the theft of sensitive personal information belonging to over 140 million Americans, states have wasted no time in seeking a greater role in...more
Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more
Companies are reminded of the need for strong internal controls. The US Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) recently filed civil and criminal actions in the largest hacking and...more