No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more
Under the new law, critical infrastructure owners and operators will be required to report significant cyber incidents to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...more
ACI’s Annual Flagship Conference on Economic Sanctions Enforcement and Compliance is widely regarded as the premier conference designed for those working in global sanctions compliance, internal audits and investigations,...more
The innovative use of virtual currencies is hotter than ever, but so is a dark side of these instruments: their exploitation in ransomware schemes. This year, since January 2021, ransomware attacks have increased...more
On September 21, 2021, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an updated sanctions advisory, providing guidance to companies on sanctions compliance obligations related to ransomware...more
We have all read about the high-profile malicious cyber-attacks and ransomware demands and payments. The Colonial Pipeline case demonstrated how responsive law enforcement can be in tracking down perpetrators and recovering...more
1. New Cybersecurity Export Controls From BIS Go Into Effect in January - The Bureau of Industry and Security (BIS) has released an interim final rule establishing new export controls on certain cybersecurity items and...more
Guidance Demonstrates OFAC’s Expectations for Sanctions Compliance by Cryptocurrency Industry - On October 15, 2021, the Office of Foreign Assets Control (“OFAC”) of the U.S. Department of the Treasury published Sanctions...more
On October 15, 2021, the Financial Crimes Enforcement Network (“FinCEN”) issued a financial trend analysis on ransomware relating to Suspicious Activity Reports (“SARs”) filed in the first half of this year (“Analysis”). ...more
On October 15, 2021 the Financial Crimes Enforcement Network (FinCen) of the Treasury Department issued a financial trend analysis on ransomware relating to Bank Secrecy Act (BSA) reporting filed in the first half of this...more
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced several actions focused on disrupting criminal digital finance infrastructure, including virtual currency...more
Agency’s Focus on Cryptocurrency and Blockchain Continues - On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) released an updated advisory to “highlight the sanctions...more
On September 21, 2021 OFAC issued its first sanctions designation against a virtual currency exchange by designating the virtual currency exchange, SUEX OTC, S.R.O. (SUEX) “for its part in facilitating financial transactions...more
On September 21, 2021, the US Department of the Treasury took actions in response to the increasing prevalence and severity of ransomware attacks in the United States and address the central role that virtual currency and...more
Agency Designates Virtual Currency Exchange and Leaves Insurance Questions Unanswered - On September 2, 2021, OFAC published an update to their October 2020 Ransomware Advisory. We reported on the original Ransomware...more
Many companies have a “no ransomware payment” stance until faced with a ransomware attack, especially an attack that causes significant business disruption. At that point, the company may reconsider its stance (or at least...more
On September 21, 2021, the Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions on SUEX OTC, S.R.O, a cryptocurrency exchange, for its role in laundering money to ransomware attackers. According...more
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian...more
The Financial Crimes Enforcement Network (“FinCEN”) has continued a spate of regulatory activity related to financial crimes compliance matters in the first year of the Biden Administration, recapped in its recent report...more
Three recent events are prompting me to update our previous blog post on the difficult decision of whether to pay or not to pay ransomware following an attack....more
On October 1, 2020, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to alert Financial Institutions (FI) relating to “predominant trends, typologies, and potential indicators of ransomware and associated...more
The US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued an advisory to remind US businesses about some aspects of ransomware scams and attacks. ...more
The prevalence, sophistication, and severity of ransomware attacks have increased anti-money laundering risks faced by financial institutions both as targets of ransomware attacks and as potential intermediaries in...more
National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over...more