No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The Cybersecurity & Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center released an advisory on February 19, 2025, providing information on Ghost...more
In a significant move to bolster the United States’ cybersecurity framework, President Biden issued an executive order (EO) on 16 January 2025 titled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity” days...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
There is news coming from the U.S. cyber community for organizations that use Cleo’s software products: if your organization or your vendors use Cleo’s Cleo Harmony, VLTrader, or LexiCom products, you may be at heightened...more
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
Recently, FINRA issued a cybersecurity alert bulletin to all member firms regarding a critical vulnerability within a software company’s transfer software, specifically affecting its Secure File Transfer Protocol module. The...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more
In our rapidly evolving digital landscape, all organizations are facing an onslaught of cybersecurity threats. According to recent research, victims of cyber attacks paid out a record $1.1 billion last year and have already...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
In an era where our lives are ever more intertwined with technology, the security of digital platforms is a matter of national concern. A recent large-scale cyberattack affecting several U.S. federal agencies and numerous...more
Ransomware has become a major threat to businesses across the world as cyber-attacks are becoming increasingly sophisticated, resulting in devastating financial damage for companies that fall victim. Not only are important...more
Cyberattacks are a constant threat to businesses, organizations, governments, and individuals worldwide. In order to stay secure against cybercriminal activity, it is essential to understand the various cyberattack methods...more
In a unanimous decision, the Ohio Supreme Court found that appellee EMOI Services, LLC’s (“EMOI”) businessowners insurance policy does not cover losses resulting from a ransomware attack on EMOI’s computer software systems....more
In the last week of December 2022, the Ohio Supreme Court published a much-anticipated decision in the EMOI Services LLC v. Owners Insurance Co. case. The decision was bold, and the court made no attempt to limit its holding...more
Anti-Cheat, Code-Signed Driver Abused to Bypass Privileges and Deploy Ransomware - Trend Micro researchers observed a ransomware infection in late July 2022 that involved a code-signed driver called "mhyprot2.sys", which...more
Over the past few years, ransomware attacks have increased in frequency and demand size. And, increasingly, those attacks have targeted businesses and critical infrastructure organizations from across the globe. This trend is...more
Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications that the magnitude of the...more
The increased concern about ransomware incidents from both quantitative and severity standpoints, spurred the White House to urge corporate business leaders to improve their defenses and resilience posture against ransomware...more
CYBERSECURITY - Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability - Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center...more
The National Institute of Standards and Technology (NIST) recently released a preliminary draft of its Cybersecurity Framework Profile for Ransomware Risk Management. The public comment period for this draft runs through July...more
The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and federal government contractors in response to...more
The Colonial Pipeline cyberattack prompted the issuance of a long-awaited executive order (EO) on improving U.S. cybersecurity. The EO mandates that, within six months, all federal agencies implement multi-factor...more
A Maryland federal court recently weighed in on the still-murky world of insurance coverage for cybersecurity losses, finding replacement costs necessitated by a ransomware attack were “direct physical loss or damage” to a...more