No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
Elevate your resilience in the new year by understanding top GRC trends, patterns, and best practices across AI, TPRM, cyber risk, and more. As we step into 2024, technological advancements and an increasingly connected —...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
CYBERSECURITY - TechRadar's Cyber Predictions for 2024 are Spot On - Because technology develops so rapidly, and “trends” are fast and furious, it is always hard to predict what the big issues will be for the next...more
Large companies holding sensitive data – including financial services, telecommunications, business process outsourcing, hospitality, and cryptocurrency firms – as well as their IT helpdesks, are increasingly being targeted...more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
Report on Patient Privacy Volume 23, no 2 (February 2023) DCH Health Systems, based in Tuscaloosa, Ala., said it fired an employee in December after a routine privacy audit revealed evidence that the worker had accessed some...more
Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more
North Carolina Power Outage Points to Homeland Security Long-Documented Threats to US Power Grid - “Moore County blackouts serve as reminder that nation’s electricity infrastructure could be vulnerable targets for domestic...more
"EvilProxy" Provides Low-Skill Threat Actors Access to Advanced Phishing Techniques - A new Phishing-as-a-Service (PaaS) platform dubbed "EvilProxy" has been discovered by Resecurity researchers. PaaS platforms allow...more
Report on Patient Privacy 22, no. 8 (August, 2022) - The Department of Justice (DOJ) seized around $500,000 in Bitcoin ransom paid by two health care organizations in Kansas and Colorado to North Korean ransomware actors...more
Report on Medicare Compliance 31 no. 18 (May 16, 2022) - In a version of the future that hopefully never comes, malware is able to remove malignant-looking tumors from CT or MRI scans before they were reviewed by...more
Colorado requires businesses to take reasonable steps to protect consumer data under both the Colorado Consumer Protection Act and its landmark new data privacy law, the Colorado Privacy Act (CPA). The CPA comes into force on...more
In the past 5 years businesses felt the increasingly intricate data management rules (GDPR, CCPA, BIPA) pressed against an explosion in hacking and ransomware. Companies experience pressure from legislators, regulators,...more
CYBERSECURITY - FBI and DHS Warn of Russian Cyberattacks Against Critical Infrastructure - U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that...more
The office of the Colorado Attorney General, Phil Weiser, recently issued a data security best practices guidance document as part of his office’s role in “implementing and enforcing data security and data privacy laws.” In...more
Welcome to the Financial Services Report, holiday style! Banks and non-banks alike started early this year with additions and changes to their regulator stockings. The Senate confirmed Rohit Chopra as the new CFPB Director....more
California Signs New CCPA and Privacy Related Bills into Law - California’s Governor recently signed into law three new bills impacting CCPA and privacy in California, including: AB 335, which exempts from the CCPA and...more
I have written multiple times about the danger of disruptionware to both Information Technology (IT) networks as well as Operational Technologies (OT) networks of victims globally. As discussed here, many different nefarious...more
On June 25, 2021, the Supreme Court issued an important decision on Article III standing in class actions that will have a significant impact on the way class actions are certified - and will likely scuttle numerous ...more
Crippling data breaches and sophisticated ransomware attacks are increasingly common threats to modern businesses. Ransomware attacks can not only target confidential company data and data collected from customers but...more
In a rare cyber win for the good guys (at least one that’s publicly acknowledged), the DOJ revealed on Monday that it “had seized much of the ransom that a major U.S. pipeline operator had paid last month to a Russian hacking...more