No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
Paul Hastings released its SEC Cyber Incident Disclosure Report today, providing a unique look at how public companies have responded to new incident disclosure requirements. The Securities Exchange Commission (SEC) approved...more
Publications & Advisories - November 2024 – Kathleen Benway, Jennifer Everett, Alysa Austin, and Kristen Bartolotta published “Federal Trade Commission’s Updated Health Breach Notification Rule Is Now in Effect” in Employee...more
On June 24, the staff of the U.S. Securities and Exchange Commission's (SEC) Division of Corporation Finance (Division of Corporation Finance) released five new Compliance & Disclosure Interpretations (C&DIs) relating to the...more
The Securities and Exchange Commission (the “SEC”) has issued five compliance and disclosure interpretations related to the disclosure of material cybersecurity incidents under Item 1.05 of Form 8-K....more
On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K....more
On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more
On June 24, 2024, the U.S. Securities and Exchange Commission (SEC) published five new Form 8-K Compliance and Disclosure Interpretations (C&DIs) expanding the agency’s interpretations of cybersecurity incident disclosures...more
The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
Elevate your resilience in the new year by understanding top GRC trends, patterns, and best practices across AI, TPRM, cyber risk, and more. As we step into 2024, technological advancements and an increasingly connected —...more
The Most Significant Developments in Cybersecurity and Cyber-Related Liability Risks - As we reflect upon 2023, it will unfortunately be remembered as a record-breaking year for ransomware and cybercrime....more
Corporate boards face a panoply of risks – and the nature of these risks are quickly evolving. Cybersecurity has quickly risen to the top of the list of corporate risks. Add to that the new SEC regulations on cybersecurity...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
Publications and Advisories - July 31, 2023 – Dave Brown, Kate Hanniford, Kim Peretti, Julia Mediamolle, Cara Peterman, Sierra Shear, Kristen Bartolotta, and Kezia Osunsade published “Securities Law, Securities Litigation,...more
Third parties have posed significant risks to companies for years, but perhaps more so now than ever before. Cyber threats, Russia sanctions, and a new wave of child labor in the United States are just a few risks making...more
Given recent regulatory activity and sentiments, companies must take an active role in maturing their cybersecurity programs so that they robustly counter potential risk. Current and future regulator activity, rulemaking, and...more
On April 20, HaystackID shared an educational webcast developed to discuss best practices for handling big data and provide tangible field-experienced methods for data remediation. These best practices can be implemented at...more
Selected Developments in U.S. Law - SEC Creates Event and Emerging Risk Examination Team - Following the Office of Compliance Inspections and Examinations’ (OCIE) recent and detailed risk alert on the threat of ransomware,...more
The SEC’s Office of Compliance and Examinations (OCIE) issued a risk alert on July 10 about its observation of an apparent increase in sophistication of ransomware attacks on SEC registrants, including broker-dealers,...more
In This Issue. The Securities and Exchange Commission (SEC) adopted amendments to its exemptive applications procedures under the Investment Company Act of 1940, as amended (the 1940 Act) and proposed to amend Form 13F to...more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
On May 17, 2017, the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert regarding the “WannaCry” ransomware worm that infected hundreds of thousands...more
The U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) has issued a Risk Alert in the wake of the widespread WannaCry ransomware attack that has inflicted hundreds of thousands...more