Here are my slides from the University of South Carolina Law School symposium on civil liability in data breach cases.
Here are some key sources discussing the recent cyber attack on Ukraine’s power grid: SANS ICS Blog: Confirmation of Coordinated Attack on Ukranian Power Grid iSight Partners Blog: Sandworm Team and the Ukranian Power Attacks ESET: BlackEnergy Trojan Strikes Again: Attacks on Ukrainian Electric Power Industry SecureList: New Observations on BlackEnergy 2 APT Activity […]
On November 9, 2015, Judge Richard Leon issued a preliminary injunction against the NSA bulk data collection program. On November 10, in a per curiam Order, the D.C. Circuit stayed the preliminary injunction pending the government’s appeal. Last Friday, November 20, the Circuit denied the plaintiffs’ emergency request for rehearing of the stay order en banc. In a […]
The ability of an ISP or social media site to block access to controversial or inflammatory content is a difficult issue at the intersection of cybersecurity and Internet governance. In a case just decided by Judge Lucy Koh in the Northern District of California, Facebook won dismissal on the pleadings of Sikhs for Justice’s (“SFJ”) claim that […]
Yesterday the New York State Department of Financial Services sent a letter to members of the Financial and Banking Information Infrastructure Committee announcing a plan to enact new cybersecurity regulations for financial institutions. The regulations would require covered entities to Maintain written internal cybersecurity policies and procedures; Maintain policies and procedures to ensure the security […]
Federal prosecutors unsealed indictments against three men who allegedly engaged in a sprawling cybercriminal enterprise that hacked into J.P. Morgan Chase & Co. and several U.S. financial institutions. Source: Charges Announced in J.P. Morgan Hacking Case – WSJ
Here is a nifty graphic from the McAfee Labs 2016 Threat Predictions Report.
Judge Richard Leon in the District of Columbia federal court has again issued a preliminary injunction against the continuation of the NSA bulk telephony metadata collection program. The bulk collection program is set to expire on November 29, 2015 under the USA FREEDOM Act, so the injunction in this case will not have long-term impact. […]
I presented this morning at PLI’s annual “Think Like a Lawyer, Talk Like a Geek” seminar. Here is my presentation, which focuses on cyber risk insurance issues.
An interesting cyber insurance coverage case was filed recently in the the Northern District of Atlanta involving bitcoin payment processor Bitpay. Bitpay’s CFO was spear phished, leading to an improper transfer of bitcoins valued at $1.8 Million. Bitpay had been issued a Commercial Crime Policy by Hanover Insurance Group, which included coverage for “Computer Fraud,” […]