Kim Peretti

About Kim Peretti

A former DOJ cybercrime prosecutor and former director of PwC's cyber forensics group, Kim delivers top of the line cyber risk management and information security counsel to her clients. As co-leader of our Privacy, Cyber & Data Strategy Team, Kim is recognized by select publications and is frequently quoted by the media.

[Read Bio]

Ghost (Cring) Ransomware: Understanding The Threat & How Enterprises Can Defend Themselves

February 21, 2025 By Kim Peretti and Zain Haq

On February 19, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued a joint cybersecurity advisory on the growing threat of Ghost (Cring) ransomware. Active since early 2021, this ransomware group has targeted organizations in over 70 […]

Ransom Payments At A Historic Low According to Report

February 20, 2025 By Kim Peretti and Scott Hilsen

On February 4, 2025, Coveware, Inc. released its quarterly ransomware report for the fourth quarter of 2024, and identified that the percentage of victims paying ransoms fell to a historic low of 25%. While the average amount of a payment in Q4 2024 rose 16% quarter-over-quarter to $553,959, the median amount dropped a significant 45% […]

CISA Releases the AI Cybersecurity Collaboration Playbook to Strengthen AI-related Cybersecurity Information Sharing and Collaboration

February 3, 2025 By Seol Namgoong and Kim Peretti

On January 14, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released the AI Cybersecurity Collaboration Playbook (the “Playbook”) to provide guidance to organizations within the AI community (including AI providers, developers, and adopters) to voluntarily share AI-related cybersecurity information with CISA and its partners through the Joint Cyber Defense Collaborative (JCDC). To combat AI-related […]

Last Minute Biden Cybersecurity and Artificial Intelligence Executive Orders Survive Initial Trump Revocations

January 25, 2025 By Kim Peretti, Kate Hanniford, Daniel Felz, Alysa Austin and Andrew Rice

In the final week of the Biden Administration’s term in office, former President Biden issued two high profile executive orders that could have significant ramifications for the cybersecurity and technology industries. The first, issued on January 14, 2025, is an “Executive Order on Advancing United States Leadership in Artificial Intelligence Infrastructure” (the “AI Infrastructure Order”). […]

FTC Announces Proposed Settlement with GoDaddy Incorporating Prescriptive Cybersecurity Requirements

January 21, 2025 By Kim Peretti, Lance Taubin and Carson Kuck

On January 15, 2025, the Federal Trade Commission (FTC) announced a proposed settlement with GoDaddy Inc. (GoDaddy) for making false or misleading representations about their security practices in violation of Section 5 of the FTC Act. GoDaddy, a website hosting company, serves approximately 5 million customers. In the complaint, the FTC indicated that although GoDaddy […]