Ransomware – Debevoise Data Blog

Artificial Intelligence

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser, Gareth Hughes, Erez Liebermann, Jim Pastore, Caroline Novogrod Swett, Marshal Bozzo, Matt Kelly, Robert Maddox, Johanna Skrzypczyk, HJ Brehmer, Stephanie Cipolla, Jackie Dorward, Melyssa Eigen, Joshua A. Goland, Martha Hirst, Karen Joo, Gabriel Kohan, Jarrett Lewis, Noah L. Schwartz, Ned Terrace, Stephanie Thomas, Annabella M. Waszkiewicz, Michiko Wongso and Mengyi Xu December 10, 2024

As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2024 by page views. If you are not already…

EU

Robert Maddox to Speak at Incident Response Forum Europe 2024

By: Robert Maddox October 8, 2024

On Thursday, October 17th, at 10:40-11:25 AM (ET), Robert Maddox will speak on a virtual panel entitled “Ransomware in Europe: Best Practices and Pitfalls for Corporates and Other Organizations.” To…

Artificial Intelligence

Treasury’s Report on AI (Part 2) – Managing AI-Specific Cybersecurity Risks in the Financial Sector

By: Avi Gesser, Erez Liebermann, Matt Kelly, Jackie Dorward, Kyungjin Kim and Joshua A. Goland July 2, 2024

This is the second post in our two-part Debevoise Data Blog series covering the U.S. Treasury Department’s report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector (the “Report”). In…

Business

SEC Releases New Guidance on Material Cybersecurity Incident Disclosure

By: Paul Rodel, Benjamin R. Pedersen, Erez Liebermann, Eric T. Juergens, Anna Moody, John Jacob and Kelly Donoghue June 27, 2024

June 27, 2024 On June 24, 2024, the staff of the Division of Corporation Finance of the Securities and Exchange Commission (the “SEC”) released five new Compliance & Disclosure Interpretations…

Ransomware

Lessons Learned from DOJ’s Takedown of Hive Ransomware

By: Luke Dembosky, Avi Gesser, Erez Liebermann and Mengyi Xu January 27, 2023

On January 26, 2022, the FBI, DOJ, and international law enforcement partners dropped a bombshell of an announcement: they had dismantled the infrastructure of one of the most prolific ransomware…

Ransomware

Erez Liebermann Discussed New Regulatory Requirements and Guidance at Incident Response Forum Ransomware 2023

By: Erez Liebermann January 25, 2023

On Thursday, January 12, 2023 at 3:00 PM EST Erez Liebermann spoke on a virtual panel entitled The Changing Tides of Regulation: Navigating New Regulatory Requirements and Guidance Around Cybersecurity…

CISA

SEC Cybersecurity Update: Chair Gensler Offers Insight into Upcoming Regulation

By: Avi Gesser, Charu A. Chandrasekhar, Christopher S. Ford, HJ Brehmer and Matthew C. Rametta January 25, 2022

On January 24, 2022, SEC Chair Gary Gensler gave a speech on cybersecurity rulemaking to the Annual Securities Regulation Institute, outlining a number of key points he expects the SEC…

Announcement

Regulatory Risks of the Log4j Vulnerability: FTC Warns Companies to Take Reasonable Steps to Protect Consumer Data

By: Luke Dembosky, Avi Gesser and Michael R. Roberts January 7, 2022

Be prepared for increasing scrutiny from the Federal Trade Commission (“FTC”) and other regulators regarding the Log4j vulnerability. The attention of the cybersecurity community has been captured by the recently…

Announcement

The New York DFS Issues Guidance on Multifactor Authentication

By: Luke Dembosky, Avi Gesser, Jeremy Feigelson, Alexandra P. Swain, Parker Eudy and Noah L. Schwartz December 13, 2021

On December 7, 2021, the New York Department of Financial Services (“DFS”) released new guidance on multifactor authentication (“MFA”), indicating that it is increasing its review of MFA during examinations,…

CISA

An Overview of Proposed Cybersecurity Legislation: Which Incidents Are Covered, Who Counts as Critical Infrastructure, and What New Obligations Are Created?

By: Luke Dembosky, Avi Gesser, HJ Brehmer and Stephanie Thomas November 22, 2021

On November 15, 2021, President Biden signed the Infrastructure Investment and Jobs Act into law, authorizing $1.2 trillion for infrastructure spending, including approximately $2 billion for various federal cybersecurity projects.…