No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more
The United States Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have issued an...more
In the spirit of National Cybersecurity Awareness Month, the Office of Civil Rights (“OCR”) released a new video on October 17, 2024, to promote awareness on ransomware trends in the healthcare industry and how HIPAA subject...more
On May 23, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a second edition of the #StopRansomware Guide (the Guide). The Guide, first published in September 2020, aims to help organizations reduce...more
France's Orientation and Programming Law of the Ministry of the Interior ("LOMPI law"), published in the Official Journal of January 25, 2023, amends the insurance coverage of losses and damages paid in response to...more
The FBI and CISA recently issued a Cybersecurity Alert entitled “#StopRansomware: Zeppelin Ransomware” providing an alert to organizations about the proliferation of Zeppelin ransomware attacks and information on the...more
CYBERSECURITY NIST - Releases Guidance on Supply Chain Security - The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
The federal banking agencies recently issued a final regulation that will require a bank to notify its primary federal regulator of a cyberattack, or computer-security incident, no later than 36 hours after the bank...more
On September 21, 2021, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an updated sanctions advisory, providing guidance to companies on sanctions compliance obligations related to ransomware...more
On November 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to require banking...more
Federal officials have recently warned employers and businesses that they could have insult added to injury if they respond to cyberattacks by making ransomware payments – increasingly requested through cryptocurrency – as...more
Guidance Demonstrates OFAC’s Expectations for Sanctions Compliance by Cryptocurrency Industry - On October 15, 2021, the Office of Foreign Assets Control (“OFAC”) of the U.S. Department of the Treasury published Sanctions...more
In the wake of increased ransomware attacks over the course of the last several months, the US Department of Treasury’s Office of Foreign Assets Control (OFAC) has updated a guidance it released last year on potential...more
On 21 September 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an updated advisory that highlights the sanctions risks associated with making ransomware payments. OFAC reiterated...more
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an updated advisory outlining the risks involved with facilitating ransom payments to malicious actors conducting...more
The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June...more
The New York State Department of Financial Services recently announced new guidance addressing ransomware attacks, and highlighting cybersecurity measures to significantly reduce the risk of an attack. The guidance comes as...more
On June 30, 2021, the New York Department of Financial Services ("NYDFS") identified key cybersecurity measures to prevent and prepare for ransomware attacks. ...more
The U.S. Department of Health and Human Service’s Office for Civil Rights in Action (OCR) issued a warning that cybercriminals are attempting to exploit a critical vulnerability in VMware software. This alert originates from...more
Ransomware victims face a nearly impossible decision: pay criminals holding their business hostage or refuse and face possible crippling consequences. This decision requires careful analysis of a number of considerations, and...more
On October 1, 2020, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory regarding the potential sanctions risk for entities that facilitate ransomware payments. OFAC defined “ransomware” as: A form...more
On October 28, 2020, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) issued a joint warning that they...more
We hope you have read about the reporting on potential ransomware attacks on US hospitals and perhaps other health care providers. If you have not, please review this guidance from the government agencies involved in this...more
On October 1, 2020, the US Department of the Treasury's Office of Foreign Assets Control ("OFAC") issued an advisory opinion on the sanctions risks associated with certain cyberattacks ("OFAC Guidance"). The OFAC Guidance...more