No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Cybersecurity: What Healthcare Providers Need to Know
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
Hot Topics: Risk Management for Cybersecurity
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Laws
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: Personal Data Deletion
Panel Pursuit: The Ins and Outs of Becoming a Preferred Panel Vendor - Unauthorized Access Podcast
Get Me Off This Ride: Understanding the Emotional Rollercoaster After a Ransomware Attack - Unauthorized Access Podcast
2022 DSIR Deeper Dive: Vendor Incidents
Dark Web Monitoring - Unauthorized Access Podcast
Unauthorized Access: An Inside Look at Incident Response
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
Defense In-Depth: Cybersecurity For Energy
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
At the recent In-House Counsel Seminar, three Ward and Smith attorneys presented a realistic role play response to an incidence of wire fraud, addressing red flags associated with fraudulent communications, corporate incident...more
CISA’s Incident Response Guide outlines ways in which WWS owners and operators can engage with federal agencies to prepare for, mitigate, and respond to cyber incidents, including best practices for incident response and...more
Three federal agencies announced the joint production and release of a document titled: Incident Response Guide – Water and Wastewater Sector (January 2024) (“Guide”)...more
The FCC has significantly expanded telecommunications carriers’ data breach notification and reporting obligations. Telecommunications carriers, including Voice over Internet Protocol (VoIP) services, and telecommunications...more
On December 14, 2023, Erik Gerding, Director, Division of Corporation Finance at the Securities and Exchange Commission (“SEC”) gave a speech on the SEC’s final rules (the “Final Rule(s)”) regarding cybersecurity risk...more
On December 18, 2023, the US Securities and Exchange Commission’s (SEC) new rules enhancing and standardizing disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by companies who...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules in 2023 that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by...more
Last month, the Federal Acquisition Regulatory Council proposed new cybersecurity and incident reporting regulations for federal contractors on behalf of the Department of Defense (DoD), the General Services Administration...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
On July 26, 2023, the U.S. Securities Exchange Commission (“SEC”) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
The U.S. government has steadily increased its warnings about malicious cyber activity by Russia and other sophisticated persistent adversaries. Following several warnings from the Federal Bureau of Investigation (FBI) and...more
Healthcare companies continue to face increased risks of ransomware attacks on their operations. According to the recently released BD Cybersecurity Annual Report for 2021, such attacks are also increasingly sophisticated....more
One of the most common forms of data or security breaches is the compromise of a business e-mail account that allows a threat actor to obtain financial or other sensitive information. Security professionals report that...more
On December 15, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security “strongly urge[d]” critical infrastructure owners and operators, “in light of persistent and...more
It has been barely a month since we reported on the recent ransomware attack on the Colonial Pipeline Company, yet news continues to break with additional revelations about the recent attack. What we have learned during the...more
Recent ransomware attacks against U.S. critical infrastructure, which includes the energy sector’s production of oil and natural gas, and other sources of electricity and power, have shed a spotlight on the importance of...more
Ransomware has risen to “worst nightmare” status for many organizations, particularly in the healthcare industry. While it has been lurking for many years, recently ransomware has emerged as one of the most virulent...more
On October 28, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a joint cybersecurity advisory (the...more
Disruptionware is defined by the Institute for Critical Infrastructure Technology (ICIT) as a new and “emerging category of malware designed to suspend operations within a victim organization through the compromise of the...more
The Federal Bureau of Investigations Internet Crime Complaint Center (IC3) recently issued a public service announcement warning private companies about the increasing numbers of ransomware attacks affecting private industry....more
Real Estate Wire Fraud is Increasing - Just as the stolen Huberman was hidden in plain sight, fraud in real estate transactions has moved out of the shadows and into plain view. Today’s real estate fraudsters pose as...more
Recently, the Federal Bureau of Investigation (FBI) issued a warning t U.S. consumers that Russian hackers (dubbed Sofacy and a/k/a Fancy Brear and APT28, and believed to be backed by the Russian government) had compromised...more
On Friday, May 12, 2017, a malicious ransomware program known as WannaCry was discovered infecting computer systems all over the world. It set off alarms globally, and so far has infected over 200,000 computers across more...more
Computer systems around the world have been impacted by the largest cyber-extortion attack in history. According to news reports, the “ransomware” attack hit more than 200,000 victims in 150 countries since it started on...more