No Password Required: An FBI Special Agent's Journey from Submarines to Anti-Corruption to Cybersecurity
Life With GDPR: Episode 22- Morrisons’ and vicarious liability
This Week in FCPA-Episode 55, the Covfefe Edition
A recent cyber attack targeting ZircoDATA, a data firm contracted by Australia’s Department of Home Affairs, has raised significant concerns about data privacy and cybersecurity in government-linked organizations. This breach...more
In the spirit of National Cybersecurity Awareness Month, the Office of Civil Rights (“OCR”) released a new video on October 17, 2024, to promote awareness on ransomware trends in the healthcare industry and how HIPAA subject...more
HHS Cybersecurity Performance Goals and the Healthcare Industry - The healthcare industry is a major target for cyberattacks because of all of the personal information collected from patients. Recognizing that the healthcare...more
In 2024, the cybersecurity landscape is poised for remarkable transformations and formidable challenges, and artificial intelligence (AI) is redefining the way we defend against cyber threats, with its prevalence in...more
Cyber incidents are among the fastest-growing existential threats to publicly traded companies. More than a technical headache, breaches can materially impact your bottom line—and the mere news of an incident can send stocks...more
On October 27, the FTC has approved an amendment to the Safeguards Rule that would require non-banking institutions to report certain data breaches and other security events to the agency. The amendment requires financial...more
This week, the SEC filed a high-profile litigation asserting fraud and internal controls charges against software company SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, in connection with...more
Information security will remain a top priority for all industries in 2023. Healthcare, government, and education will likely continue to be top targets for ransomware attacks, with for-profit businesses close behind. In...more
Andy Sekela is the Private Sector Coordinator for the FBI Tampa Division, who may just be on a mission to have the world’s coolest resumé. In this episode, Andy joins the No Password Required team to talk about his diverse...more
The FTC recently took action against the online alcohol marketplace company Drizly and its CEO for alleged security failures. The case arose from a 2018 data breach which was caused – according to the FTC – by poor security...more
Two legal cases in the US in the past month suggest that regulators and prosecutors are becoming more determined to take personal action against directors and senior executives who fail to deal adequately with cyber security...more
In the second of a three-part series, Buckingham Data Privacy and Cybersecurity Attorney David Myers talks with Andy Jones, CEO, Fortress Security Risk Management, and Bryan Schauer, Vice President at The Schauer Group’s...more
See how today’s top legal teams are leveraging technology to build habits that drive compliance, innovation, and efficiency. Experts agree that daily habits are the bedrock of success. The wisdom of the adage “an apple a...more
As a small- to medium-size business owner, have you ever thought about what’s involved in protecting your business from a security breach? You may even be asking yourself, “What do I have to protect? I’m not a target.”...more
On November 23, 2021, the OCC, Federal Reserve Board, and FDIC issued a joint final rule that requires banking organizations and their service providers to report certain computer-security incidents. A computer-security...more
On November 18, 2021, the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System (FRB), and the Office of the Comptroller of the Currency (OCC) issued a joint final rule (the...more
Investors filed a derivative suit claiming that the company knew about, and failed to mitigate known, existing cybersecurity risks and shortfalls prior to the security breach. In early November, pension funds and...more
Supreme Court of Virginia Declines Certified Questions from Federal Court in In re: Capital One Consumer Data Security Breach Litigation - The lawsuit In re: Capital One Consumer Data Security Breach Litigation, has already...more
The need to input a username and password when logging into a computer is a “single factor” authentication. But, from a security perspective, that single factor authentication only goes so far. Consider, for example, the...more
As cyberattacks continue to attract greater attention, the SEC has taken an additional step in its efforts to bring enforcement actions related to cyber disclosures. On June 14, the SEC announced settled charges against a...more
On June 15, 2021, the Securities and Exchange Commission (SEC) announced settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations...more
Colonial Pipeline shut down 5,500 miles of its East Coast pipeline on May 7, 2021, in an effort to contain a security breach resulting from a ransomware attack. Colonial’s pipeline is one of the nation’s largest and carries...more
In a recent post, we highlighted the need for a privacy and cybersecurity training program, one not solely focused on spotting phishing attempts (although that is quite important as well). A primary reason, quite simply, is...more
In today’s business landscape, it is nearly impossible to work alone. You have to collaborate with clients, vendors, suppliers, specialists, and plenty of other partners all considered third parties to your organization. As a...more
As if 2020 hasn’t caused enough hardship and headaches for employers already, the FBI and U.S. Cybersecurity Infrastructure Security Agency (“CISA”) recently issued a joint Cybersecurity Advisory Alert warning employers about...more