No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Cybersecurity: What Healthcare Providers Need to Know
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
Hot Topics: Risk Management for Cybersecurity
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Laws
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: Personal Data Deletion
Panel Pursuit: The Ins and Outs of Becoming a Preferred Panel Vendor - Unauthorized Access Podcast
Get Me Off This Ride: Understanding the Emotional Rollercoaster After a Ransomware Attack - Unauthorized Access Podcast
2022 DSIR Deeper Dive: Vendor Incidents
Dark Web Monitoring - Unauthorized Access Podcast
Unauthorized Access: An Inside Look at Incident Response
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
Defense In-Depth: Cybersecurity For Energy
Dr. Thomas Hyslip teaches at the master’s in cybercrime program at the University of South Florida, where he blends criminology, digital forensics, and incident response coursework. A retired U.S. Army colonel, Dr. Hyslip's...more
Data security is a major concern across virtually all areas of the legal profession particularly in 2024 thanks in part to a record-breaking number of cyber incidents last year that cost companies an average of $4.45 million...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
With escalating cyber risks and heightened regulatory scrutiny, every minute after a data breach is crucial. Sophisticated cybercriminals relentlessly target your organization’s most valuable asset: personally identifiable...more
As part of the Biden Administration’s efforts to align energy cybersecurity efforts across the country, the U.S. Department of Energy (“DOE”) has funded the release of a set of energy distribution cybersecurity baselines for...more
In our rapidly evolving digital landscape, all organizations are facing an onslaught of cybersecurity threats. According to recent research, victims of cyber attacks paid out a record $1.1 billion last year and have already...more
Report on Patient Privacy 23, no. 12 (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Typically, we beat the drum of the need to prepare for a data incident—anything from a full-blown ransomware attack to an employee accidently sharing data with the wrong person—by having your Incident Response Plan developed...more
There are so many factors that go into breach response. Determining the size of the breach, time limitations, legal requirements, notification needs, urgency for containment, and interrupted business operations are just a...more
Every year, BakerHostetler collects and analyzes various metrics about the incident response matters we handle. In 2022, we handled over 1,160 incidents. The most striking trends we saw across those incidents were an overall...more
According to the 2022 Cost of a Data Breach Report by IBM Security and the Ponemon Institute, the cost of a data breach grew to an average of 4.35M in U.S. dollars in 2022 – reaching an all-time high. In addition, 83% of...more
In recent years, especially through 2019 and 2020, the cyber insurance market in the U.S. has seen significant growth. Middle-market companies have been actively requesting cyber insurance policies with low rates and broad...more
Understanding and managing insider risks is not a new discipline. The manifestation of insider-related risks can be disastrous but the fact that these events are caused by people inside an organization rarely receives enough...more
On October 5, 2022, a federal jury found Joseph Sullivan, Uber’s former chief security officer, guilty of obstruction of justice and misprision of a felony in connection with his role in responding to a 2016 data breach...more
In June 2014, the CEO of Omaha-based Scoular Company sent a series of emails to his company’s controller to let him know that the company was in negotiations to buy a Chinese company. The emails highlighted the sensitivity of...more
No industry is immune to privacy and cybersecurity risks, and the construction industry is no exception. Those in the construction industry can protect against a potential cyberattack by understanding the risks and...more
Please join us for a discussion and Q&A regarding the growing threat of business email compromises (a.k.a. man-in-the-middle attacks). Attorneys Chris Hart and Yoni Bard, litigators with experience in privacy matters and...more
From remote classrooms to student devices—and everything in between—school districts have been thrown into the deep end with no life jacket when it comes to managing cybersecurity. Join us for a discussion of the unique...more
You almost can’t blame cyber criminals for their relentless barrage of ransomware attacks against the corporate world. From their perspective, it’s easy money. Corporations face a much more frustrating calculus. You can...more
Credential stuffing has quickly become one of the top attack vectors online, according to the Office of New York State Attorney General Letitia James (OAG). On January 6, 2022, the OAG announced the result of a sweeping...more
According to numerous government and media sources, malicious cyber actors are targeting a new “zero day” vulnerability on a massive scale. This vulnerability, referred to as “Log4j” or “Log4Shell,” has resulted in widespread...more
Executive teams in the U.S. live in fear of a successful ransomware attack, and who can blame them? Attacks are both prevalent and evolving. Many attackers have shifted from encrypting data and locking up systems to also (or...more
In the fast-moving industry of cyber incident response, success and efficiency come from preparation. Once a matter is promoted to review, the most common request for timing is “as soon as possible.” How is a client’s desire...more
The U.S. Securities and Exchange Commission (“SEC”) recently identified cyberthreats as an enforcement priority (see 2021 Examination Priorities). Within months of the Commission’s announcement, the Commission brought three...more